The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.
Difference between revisions of "SVG:Secure Coding"
(Created page with ' {{svg-header}} If you are a developer, please make an effort to become aware of how to avoid introducing new vulnerabilities and how to write secure code '''Valdiate input''' …') |
|||
| Line 1: | Line 1: | ||
{{svg-header}} | {{svg-header}} | ||
| Line 14: | Line 13: | ||
Also see | Also see | ||
* [ http://www.gridpp.ac.uk/gsvg/docsguides/index.html EGEE/ | * [http://www.gridpp.ac.uk/gsvg/docsguides/index.html EGEE/GridPP secure coding] | ||
Revision as of 15:25, 7 October 2010
| Main page | Software Security Checklist | Issue Handling | Advisories | Notes On Risk | Advisory Template | More |
Secure Coding
If you are a developer, please make an effort to become aware of how to avoid introducing new vulnerabilities and how to write secure code
Valdiate input Don't trust user input, it could be malicious. This should include input from clients you have written, as they can be modfied to allow malicious input.
Check File permissions Any file or directory with world write permission could be modified with malicious content
Learn about secure programming Tutorials have been given at various Grid conferences and texts are available on how to avoid writing vulnerable code.
More information will be provided later.
Also see