5 Security Considerations When Coding | Richard Takemura


1. Input Check

Always check user input to make sure it is what you expect. Ensure that it contains no characters or other data that could be interpreted specially by your program, or by the programs that consume your program's output. This usually means checking for characters such as quotes, and rejecting unexpected characters, such as non-alphanumeric characters where you expect a plain text string. Unexpected input is often a sign of an attempted attack and should be treated as such.

2. Range Checking

Always check ranges when copying data, allocating memory, or performing any operation that could potentially overflow. Some programming languages provide bounds-checked access to containers (for example std::vector::at() in C++), but many programmers insist on using the unchecked array index [] notation. Likewise, functions such as strcpy() should be avoided in favour of strncpy(), which lets you specify the maximum number of characters to copy. Similar length-bounded versions of other functions, such as snprintf() instead of sprintf() and fgets() instead of gets(), provide an equivalent buffer-length specification. Use these functions throughout your code to avoid buffer overflows. Even if a character string originates inside the program, and you think you can get away with strcpy() because you know the length of the string, that does not mean that you, or someone else, will not change things in the future and allow the string to be specified in a configuration file, on the command line, or from direct user input. Get into the habit of checking ranges everywhere you need to, and you will prevent a large number of security vulnerabilities in your software.

3. Principle of least privilege

This is especially important if the program runs as root for any part of its lifetime. Whenever possible, a program should drop all privileges it does not need, and use elevated privileges only for those operations that require them. An example of this is the Postfix mail server, whose modular design allows the parts that require root privileges to run separately from the parts that do not. This form of privilege separation reduces the number of attack paths leading to root privileges, and increases the security of the entire system because the few remaining paths can be analyzed critically for security problems.

4. Avoid Race Conditions

A race condition is a situation in which a program performs an operation in several steps, and an attacker has the chance to get in between the steps and alter the system state. An example would be a program that checks file permissions and then opens the file. Between the permission check (the stat() call) and the open (the fopen() call), an attacker might change which file is opened by renaming another file to the name of the original. To avoid this, fopen() the file first, and then use fstat(), which takes a file descriptor rather than a filename. Since a file descriptor always refers to the file that was opened with fopen(), even if the name was later changed, the fstat() call is guaranteed to be checking the permissions of the same file. There are many other race conditions, and often there are ways around them by carefully choosing the order in which certain functions are executed.
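The open-then-fstat() pattern described above, as an added example that is not part of the original article. It uses open() with O_NOFOLLOW and fdopen() rather than fopen() so that the descriptor can be inspected before any read; the ownership and mode checks, the /tmp paths and the probe() helper are assumptions made for the demonstration.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open `path` and validate the object actually opened, not the name: fstat()
 * on the descriptor closes the stat()/fopen() window the article describes. */
FILE *open_checked(const char *path) {
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC); /* no symlinks */
    if (fd < 0) return NULL;
    struct stat st;
    if (fstat(fd, &st) < 0 ||                 /* inspect the open descriptor */
        !S_ISREG(st.st_mode) ||                /* regular file only */
        st.st_uid != geteuid() ||              /* owned by the invoking user */
        (st.st_mode & (S_IWGRP | S_IWOTH))) {  /* not writable by others */
        close(fd);
        return NULL;
    }
    FILE *fp = fdopen(fd, "r");                /* wrap the same descriptor */
    if (!fp) close(fd);
    return fp;
}

/* Demonstration helper (constructed, not from the article): create a temp
 * file with `mode`, optionally reach it through a symlink, and report whether
 * open_checked() accepts it (1), rejects it (0), or setup failed (-1). */
int probe(mode_t mode, int via_symlink) {
    char path[] = "/tmp/opencheck-XXXXXX", link[64];
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    fchmod(fd, mode);                          /* fchmod ignores umask */
    close(fd);
    snprintf(link, sizeof link, "%s.lnk", path);
    if (via_symlink && symlink(path, link) < 0) { unlink(path); return -1; }
    FILE *fp = open_checked(via_symlink ? link : path);
    int accepted = fp != NULL;
    if (fp) fclose(fp);
    if (via_symlink) unlink(link);
    unlink(path);
    return accepted;
}

int main(void) {
    printf("0600 file: %d\n", probe(0600, 0));   /* 1: accepted */
    printf("0666 file: %d\n", probe(0666, 0));   /* 0: group/world writable */
    printf("symlink:   %d\n", probe(0600, 1));   /* 0: O_NOFOLLOW refuses it */
    return 0;
}
```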

5. Register error handlers

Many languages support the concept of a function to be called when an error is detected, or the more flexible concept of exceptions. Make use of them to catch unexpected conditions and return to a safe point in the code, instead of blindly carrying on and hoping that user input will not crash the program, or worse!
