DJB's Legacy Bearing Fruit
Rec 08-mar-2007 23:00
Dan Bernstein (a.k.a. "DJB") inaugurated a new style in Unix programming: making very small and simple programs that perform just one simple task, with particular care about reliability, failure conditions and not creating buffer overflows that may be used to subvert the program. By chaining several of these programs together, we can have reliable, fast and very secure systems.
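A sketch of the style described above, as an added example that is not DJB's code and not taken from any package named on this page: a single-purpose C program that drops to a given uid/gid, checks every failure, and then execs the next program in the chain. The name `dropto`, its arguments, the `MAX_ID` bound and the exit codes are assumptions of this example.

```c
/* dropto UID GID prog [args...]
 * Does one job: become UID/GID, then exec prog. Added illustration;
 * the name, MAX_ID and the exit codes are this example's assumptions. */
#define _DEFAULT_SOURCE
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

#define MAX_ID 0x7fffffffUL   /* conservative bound, fits a 32-bit uid_t */

/* Strict decimal parse: digits only, no sign or whitespace, bounded.
 * Returns 0 and stores the value on success, -1 on malformed input. */
int parse_id(const char *s, unsigned long *out) {
    unsigned long v = 0;
    if (!s || !*s) return -1;
    for (; *s; s++) {
        if (*s < '0' || *s > '9') return -1;
        unsigned long d = (unsigned long)(*s - '0');
        if (v > (MAX_ID - d) / 10) return -1;   /* would exceed MAX_ID */
        v = v * 10 + d;
    }
    *out = v;
    return 0;
}

/* Drop privileges, checking each step; 0 on success, -1 on failure. */
int drop_to(uid_t uid, gid_t gid) {
    if (setgroups(1, &gid) == -1) return -1;  /* shed supplementary groups */
    if (setgid(gid) == -1) return -1;         /* gid before uid: needs root */
    if (setuid(uid) == -1) return -1;         /* uid last: gives up root */
    if (uid != 0 && setuid(0) == 0) return -1; /* root must be unreachable */
    return 0;
}

int main(int argc, char **argv) {
    unsigned long uid, gid;
    if (argc < 4 || parse_id(argv[1], &uid) || parse_id(argv[2], &gid)) {
        fputs("usage: dropto UID GID prog [args...]\n", stderr);
        return 100;                 /* caller's mistake, do not retry */
    }
    if (drop_to((uid_t)uid, (gid_t)gid) == -1) {
        perror("dropto: unable to drop privileges");
        return 111;                 /* never run prog with privileges */
    }
    execvp(argv[3], argv + 3);      /* this process becomes prog */
    perror("dropto: unable to run program");
    return 111;
}
```

Because the program replaces itself with `prog`, several such tools can be stacked on one command line, each doing its single task before handing over to the next.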
The most prominent examples of this philosophy are qmail and tinydns -- they rid us of the hundreds of vulnerabilities coming from sendmail or bind. These programs brought considerable peace of mind to many system administrators: they have strong guarantees that their publicly accessible servers won't get hacked via those programs.
But most importantly, DJB refuted the idea that "secure programming is just too hard", that the level of attention to detail it requires "isn't practical", and similar bogus arguments. Parodying DJB's rather rude style, vulnerabilities are mostly an expression of the programmers' incompetence.
Still, most of DJB's ideas and techniques didn't make it into the mainstream just yet. I don't see many Unix programming courses using DJB's approach; instead, most of them just repeat the same dated methods based on the same dated books. Despite the fact that qmail is already the second most used mail server on the net, it's not number one yet -- security, it seems, isn't very high in most people's priorities.
However, it is with joy that I take notice that all this is changing at last. We now have several other programmers following the DJB style:
- Laurent Bercot organized and improved several of DJB's libraries into skalibs and created many other useful utilities. His pages even follow DJB's minimalistic, classic-HTML only style.
- The SuperScript guys created SSL clients and servers compliant with DJB's UCSPI specification. They also created a similar package for IPC. There are many other goodies at their site.
- Paul Jarc has a lot of cool DJB-style software, such as utilities to manipulate file descriptors, runwhen as an alternative to cron, several tools to have your software installed at /package and much more.
- Felix von Leitner is famous for his embutils, replacements for the classic Unix ls, mv, cp, dd utilities but using the much lighter weight and no less famous diet libc. In the page for his libowfat project (aiming to implement DJB's stuff under the GPL), he summarizes Dan's work quite nicely:
  "One of the best ways to learn good programming practices is to read other people's code. I have read the source code from a lot of people. One of the most inspiring moments of my career as C programmer was to look at Dan Bernstein's code. While most programmers stumble about bad APIs throughout their life, Dan started not only to question them, but he defined new and better APIs and implemented them."
- There's a site aptly named thedjbway.org showing "how to craft the perfect server" using only DJB-style software.
The work of these and many other programmers allows us to dream of future computer systems that will be much more reliable and harder to crack than today's crappy software. The future starts now: if you are a system administrator, I strongly recommend trying those utilities, reading their documentation at length and using them in your systems -- they'll get better, faster and more secure. If you are a programmer, I strongly recommend studying the code those guys wrote -- you'll become a much better programmer.
But if you're a Java-only programmer who thinks you can get by without this knowledge -- it's because of you that this future is still so far away. Remember: Java is written in C. Do yourself a favor: learn C and study that stuff.