5 BackEnd Flaws a developer should avoid.
1. Input Checking
Constantly check user input to make certain it is what you expected. Ensure it will not contain characters or other data which may be treated in a special way because of your program or any programs called by your program. This often involves checking for character types such as quotes and checking for unusual type characters such as non-alphanumeric characters where a textual content string is expected. Typically, they are a sign of an attack of some kind being attempted.
2. Range Checking
Always check the ranges when copying data, allocating memory or executing any procedure which could potentially overflow. Some encoding languages provide range-checked port access (such as the std:: vector:: at() in C++, but many computer programmers insist on using the unchecked array index [] notation. In addition, the use of functions such as strcpy() should be avoided in preference to strncpy(), that allows you to specify the maximum volume of characters to copy. Similar versions of functions such as snprintf() as opposed to sprintf() and fgets() rather than gets() provide equivalent length-of-buffer requirements. The utilization of such functions through your code should prevent buffer overflows. Even if your character string starts within the program, therefore you think you can break free with strcpy() because you already know the length of the string, which mean to say that you, or someone else, won't change things in the future and allow the line to be specified in a configuration file, on the command-line, or from direct user input. Engaging in the habit of range-checking everything should prevent a huge number of security weaknesses in your software.
3. Principle Of Least Liberties
This is particularly important if your program works as root for virtually any part of its runtime. In which possible, a program should drop any privileges keep in mind that need, and use the larger privileges for only those businesses which require them. An example of this is the Postfix mail server, which has a do it yourself design allowing parts which require root privileges to be run distinctly from parts that do not effectively. This form of privilege separation reduces the number of attack routes which lead to origin privileges and increases the security of the complete system because those few routes that remain can be analyzed critically for security problems.
4. Don't Competition
A race condition is a predicament where a program performs a procedure in several steps, and an attacker has the chance to catch it between steps and alter the system state. An example would be a program which checks file accord, then opens the document. Between the permission check the stat() call and the file opens the fopen() call an assailant could replace the data file being opened by renaming another file to the original files name. To be able to prevent this, fopen() the data file first, and then use fstat(), which uses a record descriptor rather than a filename. Since a file descriptor always points to the file that was exposed with fopen(), even if the filename is therefore changed, the fstat() call will be sure to be checking the permissions of the identical file. Various other race conditions are present, and there are often ways to prevent them by carefully choosing the order of execution of certain functions.
5. Store Error Handlers
Many different languages support the concept of an event that can be called when an error is detected or the way more versatile concept of exceptions. Make use of these to catch sudden conditions and return to a safe justification in the code, rather than blindly advancing in the hope that the user input will not crash the program, or worse!
Constantly check user input to make certain it is what you expected. Ensure it will not contain characters or other data which may be treated in a special way because of your program or any programs called by your program. This often involves checking for character types such as quotes and checking for unusual type characters such as non-alphanumeric characters where a textual content string is expected. Typically, they are a sign of an attack of some kind being attempted.
 |
| (image source: pixabay.com) |
2. Range Checking
Always check the ranges when copying data, allocating memory or executing any procedure which could potentially overflow. Some encoding languages provide range-checked port access (such as the std:: vector:: at() in C++, but many computer programmers insist on using the unchecked array index [] notation. In addition, the use of functions such as strcpy() should be avoided in preference to strncpy(), that allows you to specify the maximum volume of characters to copy. Similar versions of functions such as snprintf() as opposed to sprintf() and fgets() rather than gets() provide equivalent length-of-buffer requirements. The utilization of such functions through your code should prevent buffer overflows. Even if your character string starts within the program, therefore you think you can break free with strcpy() because you already know the length of the string, which mean to say that you, or someone else, won't change things in the future and allow the line to be specified in a configuration file, on the command-line, or from direct user input. Engaging in the habit of range-checking everything should prevent a huge number of security weaknesses in your software.
3. Principle Of Least Liberties
This is particularly important if your program works as root for virtually any part of its runtime. In which possible, a program should drop any privileges keep in mind that need, and use the larger privileges for only those businesses which require them. An example of this is the Postfix mail server, which has a do it yourself design allowing parts which require root privileges to be run distinctly from parts that do not effectively. This form of privilege separation reduces the number of attack routes which lead to origin privileges and increases the security of the complete system because those few routes that remain can be analyzed critically for security problems.
4. Don't Competition
A race condition is a predicament where a program performs a procedure in several steps, and an attacker has the chance to catch it between steps and alter the system state. An example would be a program which checks file accord, then opens the document. Between the permission check the stat() call and the file opens the fopen() call an assailant could replace the data file being opened by renaming another file to the original files name. To be able to prevent this, fopen() the data file first, and then use fstat(), which uses a record descriptor rather than a filename. Since a file descriptor always points to the file that was exposed with fopen(), even if the filename is therefore changed, the fstat() call will be sure to be checking the permissions of the identical file. Various other race conditions are present, and there are often ways to prevent them by carefully choosing the order of execution of certain functions.
5. Store Error Handlers
Many different languages support the concept of an event that can be called when an error is detected or the way more versatile concept of exceptions. Make use of these to catch sudden conditions and return to a safe justification in the code, rather than blindly advancing in the hope that the user input will not crash the program, or worse!
Comments
Post a Comment