Wednesday 31 December 2003

Secure programmer: Keep an eye on inputs

Via Slashdot: Secure programmer: Keep an eye on inputs. A brief synopsis:

This article discusses various ways data gets into your program, emphasizing how to deal appropriately with them; you might not even know about them all! It first discusses how to design your program to limit the ways data can get into your program, and how your design influences what is an input. It then discusses various input channels and what to do about them, including environment variables, files, file descriptors, the command line, the graphical user interface (GUI), network data, and miscellaneous inputs.

The article is divided into a number of sections:

And offers related content:

On a related note, has an article on Ten Security Checks for PHP.