[翻译]Linux与Unix编程安全指南_1.介绍

原文:http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/index.html

This book describes a set of guidelines for writing secure programs on Linux and Unix systems

这本书讲解了在Linux和Unix系统下的一些编程安全的指南。

For purposes of this book, a “secure program” is a program that sits on a security boundary, taking input from a source that does not have the same access rights as the program.
Such programs include application programs used as viewers of remote data, web applications (including CGI scripts), network servers, and setuid/setgid programs.

这些程序包括远程数据查询,web应用(包括CGI脚本),网络服务器,和setuid/setgid程序。

This book does not address modifying the operating system kernel itself, although many of the principles discussed here do apply.

虽然这里讨论的大部分概念不适用,这边书对修改操作系统内核本身不发表意见。

These guidelines were developed as a survey of “lessons learned” from various sources on how to create such programs (along with additional observations by the author), reorganized into a set of larger principles.

这些指南来至于很多经验教训,他们形成了一种原则。

This book includes specific guidance for a number of languages, including C, C++, Java, Perl, PHP, Python, Tcl, and Ada95.

这本书提到了一些编程语言,包括,c,c++,java…

程序的抽象:

This entry was posted in Linux. Bookmark the permalink.