New "Secure programmer" article: Call Components Safely
|
|
The latest article in my "Secure Programmer" series is now available! This developerWorks series describes how to develop secure programs for Linux/Unix; this article describes how to securely invoke other programs.
|
|
Application programs typically make calls to other components, such as the underlying operating system, database systems, reusable libraries, Internet services (like DNS), Web services, and so on. This article explains how to prevent attackers from exploiting those calls to other components by discussing the use of only secure components, passing only valid data, making sure the data will be correctly interpreted, checking return values and exceptions, and protecting data as it flows between applications and components. Check out "Secure programmer: Call Components Safely" for more information.
Full Story |
This topic does not have any threads posted yet!
You cannot post until you login.
