Secure Coding

Featured image for: Value range propagation in GCC with Project Ranger.
Article

6 usability improvements in GCC 15

David Malcolm

GCC 15 brings better error messages and diagnostics for your code, including prettier execution paths and easier-to-read compiler errors for C++ templates.

Feature image for Red Hat Enterprise Linux.
Article

How image mode for RHEL improves security

Valentin Rothberg +1

Learn about the benefits and security features of image mode for Red Hat Enterprise Linux, including zero-drift supply chain.

C and C++ logo
Article

Making memcpy(NULL, NULL, 0) well-defined

Nikita Popov

C2y makes memcpy(NULL, NULL, 0) and other zero-length operations on null pointers well defined. This removes a source of bugs that may result in security issues.

Article Thumbnail
Article

Managing Sensitive Assets Within Image Mode for Red Hat Enterprise Linux

Andrew Block

Aside from naming and versioning, managing sensitive assets, like credentials, is one of the more challenging aspects in technology. So, why is it so difficult? Well, to start off. What may be considered a sensitive asset to one individual or organization may not be the same as another. Also, given that there are so many different ways that sensitive assets can be managed, there is no universally accepted method available.
The challenges that encompass how sensitive assets are handled also apply to image mode, a new method that enables building and deploying Operating Systems using similar tools and approaches as any other traditional container. In this article, we will discuss the types of sensitive assets that apply to image mode for RHEL specifically and how to design appropriate workflows to incorporate secure practices within all phases, from build and deployment to runtime.

Data Grid
Product Page

Red Hat Data Grid

An intelligent, distributed caching solution that boosts application performance

Red Hat Developer - Build Here Go Anywhere
Page

Red Hat Developers

Join Red Hat Developer for the software and tutorials to develop cloud applications using Kubernetes, microservices, serverless and Linux.