
Idea: Usable Platforms for Secure Programming – Mining Unix for Insight and Guidelines

  • Conference paper: Engineering Secure Software and Systems (ESSoS 2016)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 9639)

Abstract

Just as security mechanisms for end users need to be usable, programming platforms and APIs need to be usable for programmers. To date the security community has assembled large catalogs of dos and don’ts for programmers, but rather little guidance for the design of APIs that make secure programming easy and natural. Unix with its setuid mechanism lets us study usable security issues of programming platforms. Setuid allows certain programs to run with higher privileges than the user or process controlling them. Operating across a privilege boundary entails security obligations for the program. Obligations are known and documented, yet developers often fail to fulfill them. Using concepts and vocabulary from usable security and usability of notations theory, we can explain how the Unix platform provokes vulnerabilities in such programs. This analysis is a first step towards developing platform design guidelines to address human factors issues in secure programming.
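The abstract points to obligations a setuid program takes on when it operates across a privilege boundary. As an added example that is not code from the paper, the routine below shows one such obligation, giving up the elevated identity permanently and reading the IDs back to confirm the platform honoured the request; it assumes Linux/glibc, where the setresuid/getresuid family exists.

```c
/* Added example, not from the paper: permanently dropping privileges in a
 * setuid program and checking that the platform actually honoured it.
 * Assumes Linux/glibc (setresuid/getresuid family). */
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <stddef.h>
#include <sys/types.h>
#include <unistd.h>

/* Explicit prototypes so the example compiles even if system headers were
 * included before _GNU_SOURCE was defined (e.g. by a test harness). */
extern int setresuid(uid_t, uid_t, uid_t);
extern int setresgid(gid_t, gid_t, gid_t);
extern int getresuid(uid_t *, uid_t *, uid_t *);
extern int getresgid(gid_t *, gid_t *, gid_t *);
extern int setgroups(size_t, const gid_t *);

/* Switch to uid/gid for good: real, effective and saved IDs all change, so the
 * elevated identity cannot be regained. Returns 0 on success, -1 on failure;
 * a caller that ignores -1 keeps running with privilege. */
int drop_privileges_permanently(uid_t uid, gid_t gid)
{
    uid_t r, e, s;
    gid_t rg, eg, sg;

    /* Supplementary groups are inherited from the invoking user; clearing
     * them requires root, so it must happen before root is given up. */
    if (geteuid() == 0 && setgroups(0, NULL) != 0)
        return -1;
    /* gid before uid: once the uid is unprivileged, setresgid is refused. */
    if (setresgid(gid, gid, gid) != 0 || setresuid(uid, uid, uid) != 0)
        return -1;
    /* Read all three IDs back rather than trusting return codes alone. */
    if (getresuid(&r, &e, &s) != 0 || getresgid(&rg, &eg, &sg) != 0)
        return -1;
    if (r != uid || e != uid || s != uid)
        return -1;
    if (rg != gid || eg != gid || sg != gid)
        return -1;
    return 0;
}

/* 1 if the process can no longer become root, 0 if it still can or is root. */
int cannot_regain_root(void)
{
    if (geteuid() == 0)
        return 0;
    return setuid(0) == -1 && errno == EPERM;
}
```

Run as an unprivileged user the drop is a no-op that still exercises the verification path; run from a setuid-root binary it must be called before any untrusted input is handled.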



Author information

Corresponding author: Sven Türpe.

Copyright information

© 2016 Springer International Publishing Switzerland

About this paper

Cite this paper

Türpe, S. (2016). Idea: Usable Platforms for Secure Programming – Mining Unix for Insight and Guidelines. In: Caballero, J., Bodden, E., Athanasopoulos, E. (eds) Engineering Secure Software and Systems. ESSoS 2016. Lecture Notes in Computer Science, vol 9639. Springer, Cham. https://doi.org/10.1007/978-3-319-30806-7_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-30806-7_13

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-30805-0

  • Online ISBN: 978-3-319-30806-7

  • eBook Packages: Computer Science (R0)
