1. Input Checking
Always check user input to make sure that is what you expected. Make sure it contains no characters or other data that can be treated in a special way for your program or programs called by your program.This often involves checking the quotes characters, and checking of input characters such as unusual non-alphanumeric characters that is expected string. Often these are a sign of an attack of some kind to be attempted.
Checking 2.Range
Always check the ranges to copy the data, memory allocation or to perform any operation that may overflow. Some programming languages ??spectrum access boxes (such as std:: vector::. In () in C + +, but many programmers insist on using the array index out of control [] notation In addition, the use of functions like strcpy () should be avoided instead of strncpy (), which allows you to specify the number maximum characters to copy. Similar versions of functions like snprintf () instead of sprintf () and fgets () instead of gets () provide equivalent length of buffer specification. The use of these functions throughout the code to avoid buffer overflows. Even if the string that comes from within the program, and you think you can get away with strcpy () because you know the length of the chain, which does not mean that you or someone else will not change the things in the future and allow the string to be specified in a configuration file on the command line, or from direct user input. Acquiring the habit of checking all ranks should prevent a large number of security vulnerabilities in its software.
3.Principle of least privilege
This is especially important if your program runs as root for any part of its running time. Whenever possible, a program should drop all privileges do not need, and use higher privileges to only those operations that require it. An example of this is the Postfix mail server that has a modular design that allows parts that require root privileges to run clear of the parts that do not. This form of separation of privileges reduces the number of paths to attack the root privileges, and increases security of the entire system because of the few routes left can critically analyze the security issues.
Career 4.Don 't
A race condition is a situation in which a program performS an operation in several steps, and the attacker has the chance to pick between the steps and change the status of the system. An example is a program that checks file permissions, open the file. Among the permission to see the statistics () and open the named file fopen () an attacker could modify the file is opened by the change of name to another file named source files. To prevent this from fopen (), the first file, and then use fstat (), which has a file descriptor instead of a filename. From a file descriptor always points to the file that was opened with fopen (), but the file name is subsequently changed, the fstat () call ensures that the verification of the same file permissions. Many of the conditions of other races exist, and there are often ways to avoid by carefully choosing the order of execution of certain functions.
5.Register error handlers
Many languages ??support the concept of a function that can be called when an error is detected, or the more flexible concept of exceptions. Use these to catch unexpected conditions and return to a safe point in the code, instead of blindly moving forward in the hope that user input will not crash the program, or worse!
Topic: 5 Security Considerations When Coding (Read 937 times)
