Is putting security checks in the C library a good or a bad idea?
It is maybe a good idea if performance is a concern, as it bypasses the context switch (from user mode to kernel mode and back) which is an expensive (time-consuming) operation, while providing a basic level of protection from badly written programmes. However, it would be stupid not to put security checks in the kernel libraries because the user-land C libraries can be freely attacked by malicious users and programmes.
- asked 7 years ago
- B Butts