nim-wiki/Security.asciidoc

== Security

:toc: right

NOTE: The page is Work In Progress

This page documents security aspects of Nim and best practices.

Security features in the language:

* No pointer arithmetic
* http://nim-lang.org/docs/manual.html#taint-mode[Taint mode]
* The http://nim-lang.org/docs/manual.html#effect-system[Effect system] can be used for security
* Nim attempts to generate C code that does not rely on unsecure function/patterns (e.g. unchecked strcpy)
* The language encourage using immutable and const values
* Type conversions are memory-safe
* Low-level memory access allows mlock (TODO: add example) and memory wipe (TODO: add example)
* http://nim-lang.org/docs/manual.html#types-memory-regions[Memory regions] TODO

=== Compiling with GCC on Linux

Nim attempts to generate C code that does not rely on unsecure function/patterns.
As such, some of the options listed below might be less useful than when building pure-C applications.


All the following options enabled together:

[source,bash]
----
--passC:"-fPIE -Wformat -Wformat-security -D_FORTIFY_SOURCE=2 -O1 -fstack-protector-all" --passL:"-fPIE -pie -z relro -z now"
----


==== Stack protector
Terminate execution when the stack is being overwritten

[source,bash]
----
nim c --passC:"-fstack-protector-all"
----

==== Protect againt fixed-size buffer overflow

[source,bash]
----
nim c --passC:"-D_FORTIFY_SOURCE=2 -O1"
----

==== Warn on unsecure prinf usage


[source,bash]
----
nim c --passC:"-Wformat -Wformat-security"
----

==== Position independent executable

Enable ASLR

[source,bash]
----
nim c --passC:"-fPIE" --passL:"-fPIE -pie"
----

==== Full RELRO

Resolve dynamic symbols at startup and flag the GOT as read-only.

[source,bash]
----
nim c --passL:"-z relro -z now"
----


=== Resources

https://wiki.debian.org/Hardening
Created Security (asciidoc) 2016-07-17 22:24:42 +00:00			`== Security`

			`:toc: right`

			`NOTE: The page is Work In Progress`

			`This page documents security aspects of Nim and best practices.`

			`Security features in the language:`

			`* No pointer arithmetic`
			`* http://nim-lang.org/docs/manual.html#taint-mode[Taint mode]`
			`* The http://nim-lang.org/docs/manual.html#effect-system[Effect system] can be used for security`
			`* Nim attempts to generate C code that does not rely on unsecure function/patterns (e.g. unchecked strcpy)`
			`* The language encourage using immutable and const values`
			`* Type conversions are memory-safe`
Updated Security (asciidoc) 2016-07-26 14:11:02 +00:00			`* Low-level memory access allows mlock (TODO: add example) and memory wipe (TODO: add example)`
Created Security (asciidoc) 2016-07-17 22:24:42 +00:00			`* http://nim-lang.org/docs/manual.html#types-memory-regions[Memory regions] TODO`

			`=== Compiling with GCC on Linux`

			`Nim attempts to generate C code that does not rely on unsecure function/patterns.`
			`As such, some of the options listed below might be less useful than when building pure-C applications.`


			`All the following options enabled together:`

			`[source,bash]`
			`----`
			`--passC:"-fPIE -Wformat -Wformat-security -D_FORTIFY_SOURCE=2 -O1 -fstack-protector-all" --passL:"-fPIE -pie -z relro -z now"`
			`----`


			`==== Stack protector`
			`Terminate execution when the stack is being overwritten`

			`[source,bash]`
			`----`
			`nim c --passC:"-fstack-protector-all"`
			`----`

			`==== Protect againt fixed-size buffer overflow`

			`[source,bash]`
			`----`
			`nim c --passC:"-D_FORTIFY_SOURCE=2 -O1"`
			`----`

			`==== Warn on unsecure prinf usage`


			`[source,bash]`
			`----`
			`nim c --passC:"-Wformat -Wformat-security"`
			`----`

			`==== Position independent executable`

			`Enable ASLR`

			`[source,bash]`
			`----`
			`nim c --passC:"-fPIE" --passL:"-fPIE -pie"`
			`----`

			`==== Full RELRO`

			`Resolve dynamic symbols at startup and flag the GOT as read-only.`

			`[source,bash]`
			`----`
			`nim c --passL:"-z relro -z now"`
			`----`



			`=== Resources`

			`https://wiki.debian.org/Hardening`