One of the most important tasks a security administrator can perform is to ensure that all Web code on a system performs proper parameter checking to minimize the potential of catastrophic buffer-overflow vulnerabilities. In many development environments, this is a tedious process that places a heavy burden on the shoulders of already-overworked programmers. If your Web site contains a large base of existing code that has not been safety-checked, the security screening task might seem insurmountable. This same problem may arise when you wish to import someone else’s code (such as that downloaded from a Web site) into your Web applications.

Read the full article: Perl taint mode

Published in SearchWindowsServer on 04/06/03