author: Danilo G. Baio <dbaio@FreeBSD.org> 2025-05-01 23:11:25 +0000
committer: Danilo G. Baio <dbaio@FreeBSD.org> 2025-05-01 23:11:25 +0000
commit: f85add5b55c5a68df11aa282656a88e8d3a1fd8e (patch)
tree: 1b42e154f41fc93ac39f985ed1ae5d5fa64db7ed /documentation/content/en/books/developers-handbook/secure
parent: 064cb2c41704b78530e8a10970bba32347451114 (diff)
1 files changed, 87 insertions, 87 deletions
diff --git a/documentation/content/en/books/developers-handbook/secure/_index.po b/documentation/content/en/books/developers-handbook/secure/_index.po
index c298451c7b..9eeb9dfbeb 100644
--- a/documentation/content/en/books/developers-handbook/secure/_index.po
+++ b/documentation/content/en/books/developers-handbook/secure/_index.po
@@ -7,7 +7,7 @@
 msgid ""
 msgstr ""
 "Project-Id-Version: FreeBSD Documentation VERSION\n"
-"POT-Creation-Date: 2022-02-01 10:28-0300\n"
+"POT-Creation-Date: 2025-05-01 19:56-0300\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -29,19 +29,19 @@ msgid "Chapter 3. Secure Programming"
 msgstr ""
 
 #. type: Title =
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:15
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:16
 #, no-wrap
 msgid "Secure Programming"
 msgstr ""
 
 #. type: Title ==
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:53
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:54
 #, no-wrap
 msgid "Synopsis"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:56
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:57
 msgid ""
 "This chapter describes some of the security issues that have plagued UNIX(R) "
 "programmers for decades and some of the new tools available to help "
@@ -49,24 +49,24 @@ msgid ""
 msgstr ""
 
 #. type: Title ==
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:58
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:59
 #, no-wrap
 msgid "Secure Design Methodology"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:63
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:64
 msgid ""
 "Writing secure applications takes a very scrutinous and pessimistic outlook "
-"on life.  Applications should be run with the principle of \"least privilege"
-"\" so that no process is ever running with more than the bare minimum access "
-"that it needs to accomplish its function.  Previously tested code should be "
-"reused whenever possible to avoid common mistakes that others may have "
-"already fixed."
+"on life.  Applications should be run with the principle of \"least "
+"privilege\" so that no process is ever running with more than the bare "
+"minimum access that it needs to accomplish its function.  Previously tested "
+"code should be reused whenever possible to avoid common mistakes that others "
+"may have already fixed."
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:67
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:68
 msgid ""
 "One of the pitfalls of the UNIX(R) environment is how easy it is to make "
 "assumptions about the sanity of the environment.  Applications should never "
@@ -76,13 +76,13 @@ msgid ""
 msgstr ""
 
 #. type: Title ==
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:69
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:70
 #, no-wrap
 msgid "Buffer Overflows"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:75
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:76
 msgid ""
 "Buffer Overflows have been around since the very beginnings of the von "
 "Neumann crossref:bibliography[cod,1] architecture.  They first gained "
@@ -92,7 +92,7 @@ msgid ""
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:84
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:85
 msgid ""
 "Most modern computer systems use a stack to pass arguments to procedures and "
 "to store local variables.  A stack is a last in first out (LIFO) buffer in "
@@ -112,14 +112,14 @@ msgid ""
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:87
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:88
 msgid ""
 "Although stack-based attacks are by far the most common, it would also be "
 "possible to overrun the stack with a heap-based (malloc/free) attack."
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:90
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:91
 msgid ""
 "The C programming language does not perform automatic bounds checking on "
 "arrays or pointers as many other languages do.  In addition, the standard C "
@@ -127,92 +127,92 @@ msgid ""
 msgstr ""
 
 #. type: Table
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:96
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:97
 #, no-wrap
 msgid "`strcpy`(char *dest, const char *src)"
 msgstr ""
 
 #. type: Table
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:100
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:105
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:101
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:106
 #, no-wrap
 msgid "May overflow the dest buffer"
 msgstr ""
 
 #. type: Table
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:101
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:102
 #, no-wrap
 msgid "`strcat`(char *dest, const char *src)"
 msgstr ""
 
 #. type: Table
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:106
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:107
 #, no-wrap
 msgid "`getwd`(char *buf)"
 msgstr ""
 
 #. type: Table
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:110
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:111
 #, no-wrap
 msgid "May overflow the buf buffer"
 msgstr ""
 
 #. type: Table
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:111
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:112
 #, no-wrap
 msgid "`gets`(char *s)"
 msgstr ""
 
 #. type: Table
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:115
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:116
 #, no-wrap
 msgid "May overflow the s buffer"
 msgstr ""
 
 #. type: Table
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:116
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:117
 #, no-wrap
 msgid "`[vf]scanf`(const char *format, ...)"
 msgstr ""
 
 #. type: Table
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:120
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:121
 #, no-wrap
 msgid "May overflow its arguments."
 msgstr ""
 
 #. type: Table
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:121
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:122
 #, no-wrap
 msgid "`realpath`(char *path, char resolved_path[])"
 msgstr ""
 
 #. type: Table
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:125
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:126
 #, no-wrap
 msgid "May overflow the path buffer"
 msgstr ""
 
 #. type: Table
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:126
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:127
 #, no-wrap
 msgid "`[v]sprintf`(char *str, const char *format, ...)"
 msgstr ""
 
 #. type: Table
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:129
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:130
 #, no-wrap
 msgid "May overflow the str buffer."
 msgstr ""
 
 #. type: Title ===
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:131
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:132
 #, no-wrap
 msgid "Example Buffer Overflow"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:134
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:135
 msgid ""
 "The following example code contains a buffer overflow designed to overwrite "
 "the return address and skip the instruction immediately following the "
@@ -220,13 +220,13 @@ msgid ""
 msgstr ""
 
 #. type: delimited block . 4
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:138
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:139
 #, no-wrap
 msgid "#include <stdio.h>\n"
 msgstr ""
 
 #. type: delimited block . 4
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:143
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:144
 #, no-wrap
 msgid ""
 "void manipulate(char *buffer) {\n"
@@ -236,7 +236,7 @@ msgid ""
 msgstr ""
 
 #. type: delimited block . 4
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:147
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:148
 #, no-wrap
 msgid ""
 "int main() {\n"
@@ -245,13 +245,13 @@ msgid ""
 msgstr ""
 
 #. type: delimited block . 4
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:149
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:150
 #, no-wrap
 msgid "  while ((buffer[i++] = getchar()) != '\\n') {};\n"
 msgstr ""
 
 #. type: delimited block . 4
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:156
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:157
 #, no-wrap
 msgid ""
 "  i=1;\n"
@@ -263,27 +263,27 @@ msgid ""
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:159
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:160
 msgid ""
 "Let us examine what the memory image of this process would look like if we "
 "were to input 160 spaces into our little program before hitting return."
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:163
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:164
 msgid ""
 "Obviously more malicious input can be devised to execute actual compiled "
 "instructions (such as exec(/bin/sh))."
 msgstr ""
 
 #. type: Title ===
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:164
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:165
 #, no-wrap
 msgid "Avoiding Buffer Overflows"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:174
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:175
 msgid ""
 "The most straightforward solution to the problem of stack-overflows is to "
 "always use length restricted memory and string copy functions.  `strncpy` "
@@ -301,7 +301,7 @@ msgid ""
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:177
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:178
 msgid ""
 "Another memory copy implementation exists to get around these problems.  The "
 "`strlcpy` and `strlcat` functions guarantee that they will always null "
@@ -309,13 +309,13 @@ msgid ""
 msgstr ""
 
 #. type: Title ====
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:178
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:179
 #, no-wrap
 msgid "Compiler based run-time bounds checking"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:182
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:183
 msgid ""
 "Unfortunately there is still a very large assortment of code in public use "
 "which blindly copies memory around without using any of the bounded copy "
@@ -325,15 +325,15 @@ msgid ""
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:185
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:186
 msgid ""
 "ProPolice is one such compiler feature, and is integrated into man:gcc[1] "
-"versions 4.1 and later.  It replaces and extends the earlier StackGuard man:"
-"gcc[1] extension."
+"versions 4.1 and later.  It replaces and extends the earlier StackGuard "
+"man:gcc[1] extension."
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:189
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:190
 msgid ""
 "ProPolice helps to protect against stack-based buffer overflows and other "
 "attacks by laying pseudo-random numbers in key areas of the stack before "
@@ -346,20 +346,20 @@ msgid ""
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:191
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:192
 msgid ""
 "Recompiling your application with ProPolice is an effective means of "
 "stopping most buffer-overflow attacks, but it can still be compromised."
 msgstr ""
 
 #. type: Title ====
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:192
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:193
 #, no-wrap
 msgid "Library based run-time bounds checking"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:196
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:197
 msgid ""
 "Compiler-based mechanisms are completely useless for binary-only software "
 "for which you cannot recompile.  For these situations there are a number of "
@@ -369,22 +369,22 @@ msgid ""
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:198
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:199
 msgid "libsafe"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:199
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:200
 msgid "libverify"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:200
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:201
 msgid "libparanoia"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:205
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:206
 msgid ""
 "Unfortunately these library-based defenses have a number of shortcomings.  "
 "These libraries only protect against a very small set of security related "
@@ -395,13 +395,13 @@ msgid ""
 msgstr ""
 
 #. type: Title ==
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:207
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:208
 #, no-wrap
 msgid "SetUID issues"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:211
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:212
 msgid ""
 "There are at least 6 different IDs associated with any given process, and "
 "you must therefore be very careful with the access that your process has at "
@@ -410,14 +410,14 @@ msgid ""
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:214
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:215
 msgid ""
 "The real user ID can only be changed by a superuser process.  The login "
 "program sets this when a user initially logs in and it is seldom changed."
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:218
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:219
 msgid ""
 "The effective user ID is set by the `exec()` functions if a program has its "
 "seteuid bit set.  An application can call `seteuid()` at any time to set the "
@@ -427,13 +427,13 @@ msgid ""
 msgstr ""
 
 #. type: Title ==
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:220
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:221
 #, no-wrap
 msgid "Limiting your program's environment"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:228
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:229
 msgid ""
 "The traditional method of restricting a process is with the `chroot()` "
 "system call.  This system call changes the root directory from which all "
@@ -443,12 +443,12 @@ msgid ""
 "effect until you `chdir()` into your new environment.  It should also be "
 "noted that a process can easily break out of a chroot environment if it has "
 "root privilege.  This could be accomplished by creating device nodes to read "
-"kernel memory, attaching a debugger to a process outside of the man:"
-"chroot[8] environment, or in many other creative ways."
+"kernel memory, attaching a debugger to a process outside of the "
+"man:chroot[8] environment, or in many other creative ways."
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:233
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:234
 msgid ""
 "The behavior of the `chroot()` system call can be controlled somewhat with "
 "the kern.chroot_allow_open_directories `sysctl` variable.  When this value "
@@ -460,13 +460,13 @@ msgid ""
 msgstr ""
 
 #. type: Title ===
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:234
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:235
 #, no-wrap
 msgid "FreeBSD's jail functionality"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:238
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:239
 msgid ""
 "The concept of a Jail extends upon the `chroot()` by limiting the powers of "
 "the superuser to create a true `virtual server'.  Once a prison is set up "
@@ -475,7 +475,7 @@ msgid ""
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:242
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:243
 msgid ""
 "While in a prison, any tests of superuser power within the kernel using the "
 "`suser()` call will fail.  However, some calls to `suser()` have been "
@@ -484,51 +484,51 @@ msgid ""
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:244
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:245
 msgid "A superuser process within a jailed environment has the power to:"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:246
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:247
 msgid ""
 "Manipulate credential with `setuid`, `seteuid`, `setgid`, `setegid`, "
 "`setgroups`, `setreuid`, `setregid`, `setlogin`"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:247
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:248
 msgid "Set resource limits with `setrlimit`"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:248
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:249
 msgid "Modify some sysctl nodes (kern.hostname)"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:249
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:250
 msgid "`chroot()`"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:250
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:251
 msgid "Set flags on a vnode: `chflags`, `fchflags`"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:251
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:252
 msgid ""
 "Set attributes of a vnode such as file permission, owner, group, size, "
 "access time, and modification time."
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:252
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:253
 msgid "Bind to privileged ports in the Internet domain (ports < 1024)"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:256
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:257
 msgid ""
 "`Jail` is a very useful tool for running applications in a secure "
 "environment but it does have some shortcomings.  Currently, the IPC "
@@ -539,13 +539,13 @@ msgid ""
 msgstr ""
 
 #. type: Title ===
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:257
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:258
 #, no-wrap
 msgid "POSIX(R).1e Process Capabilities"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:260
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:261
 msgid ""
 "POSIX(R) has released a working draft that adds event auditing, access "
 "control lists, fine grained privileges, information labeling, and mandatory "
@@ -553,7 +553,7 @@ msgid ""
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:263
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:264
 msgid ""
 "This is a work in progress and is the focus of the http://www.trustedbsd.org/"
 "[TrustedBSD] project.  Some of the initial work has been committed to "
@@ -561,13 +561,13 @@ msgid ""
 msgstr ""
 
 #. type: Title ==
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:265
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:266
 #, no-wrap
 msgid "Trust"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:269
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:270
 msgid ""
 "An application should never assume that anything about the users environment "
 "is sane.  This includes (but is certainly not limited to): user input, "
@@ -576,7 +576,7 @@ msgid ""
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:274
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:275
 msgid ""
 "You should never assume that you can catch all forms of invalid input that a "
 "user might supply.  Instead, your application should use positive filtering "
@@ -587,7 +587,7 @@ msgid ""
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:277
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:278
 msgid ""
 "Perl has a really cool feature called \"Taint\" mode which can be used to "
 "prevent scripts from using data derived outside the program in an unsafe "
@@ -597,13 +597,13 @@ msgid ""
 msgstr ""
 
 #. type: Title ==
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:279
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:280
 #, no-wrap
 msgid "Race Conditions"
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:283
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:284
 msgid ""
 "A race condition is anomalous behavior caused by the unexpected dependence "
 "on the relative timing of events.  In other words, a programmer incorrectly "
@@ -611,7 +611,7 @@ msgid ""
 msgstr ""
 
 #. type: Plain text
-#: documentation/content/en/books/developers-handbook/secure/_index.adoc:289
+#: documentation/content/en/books/developers-handbook/secure/_index.adoc:290
 msgid ""
 "Some of the common causes of race conditions are signals, access checks, and "
 "file opens.  Signals are asynchronous events by nature so special care must "
author	Danilo G. Baio <dbaio@FreeBSD.org>	2025-05-01 23:11:25 +0000
committer	Danilo G. Baio <dbaio@FreeBSD.org>	2025-05-01 23:11:25 +0000
commit	f85add5b55c5a68df11aa282656a88e8d3a1fd8e (patch)
tree	1b42e154f41fc93ac39f985ed1ae5d5fa64db7ed /documentation/content/en/books/developers-handbook/secure
parent	064cb2c41704b78530e8a10970bba32347451114 (diff)