Secure programming cookbook for C and C++

Password sniffing, spoofing, buffer overflows, and denial of service: these are only a few of the attacks on today's computer systems and networks. At the root of this epidemic is poorly written, poorly tested, and insecure code that puts everyone at risk. Clearly, today's developers need...


Bibliographic Details
Main author: Viega, John (-)
Other authors: Messier, Matt
Format: E-book
Language: English
Published: Sebastopol, California : O'Reilly 2003.
Edition: First edition
Subjects:
View at Universitat Ramon Llull Library: https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009627023406719
Table of Contents:
  • Secure Programming Cookbook for C and C++; Preface; We Can't Do It All; Organization of This Book; Recipe Compatibility; Conventions Used in This Book; Comments and Questions; Acknowledgments; 1. Safe Initialization; 1.1.2. Solution; 1.1.3. Discussion; 1.1.4. See Also; 1.2. Restricting Privileges on Windows; 1.2.2. Solution; 1.2.3. Discussion; 1.2.3.2. Modifying a process's primary token; 1.2.3.3. Working with SID_AND_ATTRIBUTES structures; 1.2.3.4. Working with LUID_AND_ATTRIBUTES structures; 1.2.4. See Also; 1.3. Dropping Privileges in setuid Programs; 1.3.2. Solution; 1.3.3. Discussion
  • 1.3.4. See Also; 1.4. Limiting Risk with Privilege Separation; 1.4.2. Solution; 1.4.3. Discussion; 1.4.3.2. A privilege separation library: privman; 1.4.4. See Also; 1.5. Managing File Descriptors Safely; 1.5.2. Solution; 1.5.3. Discussion; 1.6. Creating a Child Process Securely; 1.6.2. Solution; 1.6.3. Discussion; 1.6.4. See Also; 1.7. Executing External Programs Securely; 1.7.2. Solution; 1.7.3. Discussion; 1.7.4. See Also; 1.8. Executing External Programs Securely; 1.8.2. Solution; 1.8.3. Discussion; 1.9. Disabling Memory Dumps in the Event of a Crash; 1.9.2. Solution; 1.9.3. Discussion
  • 1.9.4. See Also; 2. Access Control; 2.1.2. Solution; 2.1.3. Discussion; 2.1.3.2. The setuid bit; 2.1.3.3. The setgid bit; 2.1.4. See Also; 2.2. Understanding the Windows Access Control Model; 2.2.2. Solution; 2.2.3. Discussion; 2.3. Determining Whether a User Has Access to a File on Unix; 2.3.2. Solution; 2.3.3. Discussion; 2.4. Determining Whether a Directory Is Secure; 2.4.2. Solution; 2.4.3. Discussion; 2.5. Erasing Files Securely; 2.5.2. Solution; 2.5.3. Discussion; 2.5.4. See Also; 2.6. Accessing File Information Securely; 2.6.2. Solution; 2.6.3. Discussion; 2.6.4. See Also
  • 2.7. Restricting Access Permissions for New Files on Unix; 2.7.2. Solution; 2.7.3. Discussion; 2.7.4. See Also; 2.8. Locking Files; 2.8.2. Solution; 2.8.3. Discussion; 2.8.3.2. Locking files on Windows; 2.9. Synchronizing Resource Access Across Processes on Unix; 2.9.2. Solution; 2.9.3. Discussion; 2.9.4. See Also; 2.10. Synchronizing Resource Access Across Processes on Windows; 2.10.2. Solution; 2.10.3. Discussion; 2.10.4. See Also; 2.11. Creating Files for Temporary Use; 2.11.2. Solution; 2.11.3. Discussion; 2.11.3.2. Temporary files on Windows; 2.11.4. See Also
  • 2.12. Restricting Filesystem Access on Unix; 2.12.2. Solution; 2.12.3. Discussion; 2.13. Restricting Filesystem and Network Access on FreeBSD; 2.13.2. Solution; 2.13.3. Discussion; 2.13.4. See Also; 3. Input Validation; 3.1.2. Solution; 3.1.3. Discussion; 3.1.4. See Also; 3.2. Preventing Attacks on Formatting Functions; 3.2.2. Solution; 3.2.3. Discussion; 3.2.4. See Also; 3.3. Preventing Buffer Overflows; 3.3.2. Solution; 3.3.3. Discussion; 3.3.3.2. Using C++; 3.3.3.3. Stack protection technologies; 3.3.4. See Also; 3.4. Using the SafeStr Library; 3.4.2. Solution; 3.4.3. Discussion
  • 3.4.4. See Also