diff options
Diffstat (limited to 'service_solahart_jakarta_selatan__082122541663/security.mdwn')
-rw-r--r-- | service_solahart_jakarta_selatan__082122541663/security.mdwn | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/service_solahart_jakarta_selatan__082122541663/security.mdwn b/service_solahart_jakarta_selatan__082122541663/security.mdwn new file mode 100644 index 00000000..d8ffc04e --- /dev/null +++ b/service_solahart_jakarta_selatan__082122541663/security.mdwn @@ -0,0 +1,28 @@ +[[!meta copyright="Copyright © 2010, 2013 Free Software Foundation, Inc."]] + +[[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable +id="license" text="Permission is granted to copy, distribute and/or modify this +document under the terms of the GNU Free Documentation License, Version 1.2 or +any later version published by the Free Software Foundation; with no Invariant +Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license +is included in the section entitled [[GNU Free Documentation +License|/fdl]]."]]"""]] + +There are [[several aspects to security|/security]] that are (mainly) relevant +to the design space. + +There are also security issues in the implemenation space, for example using +the correct coding paradigms. + +Large parts of our code base have not beed audited, either manually or in an +automated fashion. + +[[Unit testing]] is one aspect: testing for reliably failing for invalid input. + +[[Code analysis]] is another aspect. + +All publically usable interfaces provide attacking targets. This includes all +[[system call]]s and [[RPC]] interfaces. + +Fuzzing techniques can be use for locating possible issues; see discussion on +the [[code_analysis]] page. |