Microsoft has a blog entry on its reasoning and process for banning certain API calls to improve its software's security.
"Jeremy Dallman here with a quick note about a code sanitizing tool we are making available to support one of the SDL requirements – Remove all Banned APIs from your code.

This requirement was put in place to prevent use of certain older C runtime functions that lead to buffer overrun flaws and have been deprecated. In the Security Development Lifecycle book, an entire chapter is dedicated to the topic of banned function calls. In the book, we also provide a copy of the banned.h header file on the companion CD. This header file allows you to locate any banned functions in your code. On MSDN, we have documented the SDL list of Banned Function Calls but the header file has not been publicly available outside the SDL book until now. Today, we are providing the banned.h header on the Microsoft Download Center.

By including this header file, then using #include "banned.h"; you will be able to locate any banned functions in your code. The full list of banned APIs is also included in the header file."
Read more: http://blogs.msdn.com/sdl/archive/2008/10/22/good-hygiene-and-banned-apis.aspx
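
For code that is not yet built with the header, the same "locate any banned functions" check can be approximated with a source scan. The sketch below is an added example, not Microsoft's banned.h or any SDL tool; the function names in BANNED are an assumed small subset (the full list is in the header), and the sample C source is constructed.

```python
import re

# Assumption: a small subset of older C runtime functions commonly cited as
# banned; the authoritative list is the one shipped in banned.h.
BANNED = ("strcpy", "strcat", "sprintf", "vsprintf", "gets", "strncpy", "strncat")

# Comments, string literals and char literals: blanked out before matching so
# that a banned name mentioned in text is not reported as a call.
_NOISE = re.compile(
    r'//[^\n]*|/\*.*?\*/|"(?:\\.|[^"\\\n])*"|\'(?:\\.|[^\'\\\n])*\'',
    re.DOTALL,
)
# A banned name as a whole identifier, followed by "(" (whitespace allowed).
_CALL = re.compile(r'(?<![A-Za-z0-9_])(%s)\s*\(' % "|".join(BANNED))


def _blank(match):
    # Replace everything except newlines so line numbers stay aligned.
    return re.sub(r'[^\n]', ' ', match.group(0))


def find_banned_calls(source):
    """Return [(line_number, function_name), ...] for banned call sites."""
    code = _NOISE.sub(_blank, source)
    hits = []
    for m in _CALL.finditer(code):
        line = code.count("\n", 0, m.start()) + 1
        hits.append((line, m.group(1)))
    return hits


# Constructed sample input, not taken from any real code base.
SAMPLE = r'''
#include <string.h>
/* strcpy(a, b) inside a comment must not be reported */
void f(char *dst, const char *src) {
    char buf[16];
    strcpy(buf, src);                 // real call
    my_strcpy(buf, src);              // different identifier
    strcpy_s(buf, sizeof buf, src);   // bounded variant
    puts("gets(x) in a string");
    sprintf (dst, "%s", buf);         // space before "(" still a call
}
'''

if __name__ == "__main__":
    for line, name in find_banned_calls(SAMPLE):
        print(f"line {line}: banned call to {name}()")
```

The scan only recognises call syntax, so a banned function referenced by name without a call (for example, assigned to a function pointer) is not reported.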