Diffstat (limited to 'en_US.ISO8859-1/books/developers-handbook/secure/chapter.xml')
-rw-r--r-- | en_US.ISO8859-1/books/developers-handbook/secure/chapter.xml | 35 |
1 files changed, 14 insertions, 21 deletions
diff --git a/en_US.ISO8859-1/books/developers-handbook/secure/chapter.xml b/en_US.ISO8859-1/books/developers-handbook/secure/chapter.xml index 4a655c189c..eb5d53b7a2 100644 --- a/en_US.ISO8859-1/books/developers-handbook/secure/chapter.xml +++ b/en_US.ISO8859-1/books/developers-handbook/secure/chapter.xml @@ -4,21 +4,16 @@ $FreeBSD$ --> - - <chapter id="secure"> - <chapterinfo> +<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="secure"> + <info><title>Secure Programming</title> <authorgroup> - <author> - <firstname>Murray</firstname> - <surname>Stokely</surname> - <contrib>Contributed by </contrib> - </author> + <author><personname><firstname>Murray</firstname><surname>Stokely</surname></personname><contrib>Contributed by </contrib></author> </authorgroup> - </chapterinfo> + </info> - <title>Secure Programming</title> + - <sect1 id="secure-synopsis"><title>Synopsis</title> + <sect1 xml:id="secure-synopsis"><title>Synopsis</title> <para>This chapter describes some of the security issues that have plagued &unix; programmers for decades and some of the new @@ -26,7 +21,7 @@ code.</para> </sect1> - <sect1 id="secure-philosophy"><title>Secure Design + <sect1 xml:id="secure-philosophy"><title>Secure Design Methodology</title> <para>Writing secure applications takes a very scrutinous and @@ -45,7 +40,7 @@ operations are rarely atomic.</para> </sect1> - <sect1 id="secure-bufferov"><title>Buffer Overflows</title> + <sect1 xml:id="secure-bufferov"><title>Buffer Overflows</title> <para>Buffer Overflows have been around since the very beginnings of the Von-Neuman <xref linkend="COD"/> architecture. 
@@ -230,8 +225,7 @@ int main() { <function>strlcpy</function> and <function>strlcat</function> functions guarantee that they will always null terminate the destination string when given a non-zero length argument. For - more information about these functions see <xref - linkend="OpenBSD"/>. The OpenBSD <function>strlcpy</function> and + more information about these functions see <xref linkend="OpenBSD"/>. The OpenBSD <function>strlcpy</function> and <function>strlcat</function> instructions have been in FreeBSD since 3.3.</para> @@ -317,7 +311,7 @@ int main() { </sect2> </sect1> - <sect1 id="secure-setuid"><title>SetUID issues</title> + <sect1 xml:id="secure-setuid"><title>SetUID issues</title> <indexterm><primary>seteuid</primary></indexterm> @@ -350,7 +344,7 @@ int main() { </sect1> - <sect1 id="secure-chroot"><title>Limiting your program's environment</title> + <sect1 xml:id="secure-chroot"><title>Limiting your program's environment</title> <indexterm><primary>chroot()</primary></indexterm> @@ -438,8 +432,7 @@ int main() { <para>&posix; has released a working draft that adds event auditing, access control lists, fine grained privileges, information labeling, and mandatory access control.</para> - <para>This is a work in progress and is the focus of the <ulink - url="http://www.trustedbsd.org/">TrustedBSD</ulink> project. Some + <para>This is a work in progress and is the focus of the <link xlink:href="http://www.trustedbsd.org/">TrustedBSD</link> project. Some of the initial work has been committed to &os.current; (cap_set_proc(3)).</para> @@ -447,7 +440,7 @@ int main() { </sect1> - <sect1 id="secure-trust"><title>Trust</title> + <sect1 xml:id="secure-trust"><title>Trust</title> <para>An application should never assume that anything about the users environment is sane. This includes (but is certainly not 
@@ -479,7 +472,7 @@ int main() { </sect1> - <sect1 id="secure-race-conditions"> + <sect1 xml:id="secure-race-conditions"> <title>Race Conditions</title> <para>A race condition is anomalous behavior caused by the |
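Review bot: In the first hunk (@@ -4,21 +4,16 @@) the new `<info><title>Secure Programming</title>` line and the single-line `<author><personname>...</personname><contrib>Contributed by </contrib></author>` pack several elements onto one line, which is harder to read and to diff than the one-element-per-line layout being removed. Suggest keeping `<title>`, `<personname>`, `<firstname>`, `<surname>` and `<contrib>` on their own indented lines. The same hunk adds a line that appears to hold only whitespace where the old `<title>` stood; drop it if it carries nothing. The joined `<xref linkend="OpenBSD"/>` line at @@ -230,8 +225,7 @@ and the `<link xlink:href="http://www.trustedbsd.org/">` line at @@ -438,8 +432,7 @@ are also far longer than the wrapped paragraph text around them and could be rewrapped.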
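Review bot: The `id` to `xml:id` renames on each `<sect1>` have no visible counterpart for the anchors that `<xref linkend="COD"/>` (context of @@ -45,7 +40,7 @@) and `<xref linkend="OpenBSD"/>` (@@ -230,8 +225,7 @@) resolve to, and the diffstat is limited to this one file. Please confirm that the elements carrying `COD` and `OpenBSD`, and any other documents that link to `secure-synopsis`, `secure-bufferov`, `secure-setuid`, `secure-chroot`, `secure-trust` or `secure-race-conditions`, are converted in the same change, so that no cross-reference is left pointing at an old-style `id`. The new `<link xlink:href=...>` likewise depends on the `xmlns:xlink` declaration added on `<chapter>` in the first hunk, so the two must land together.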
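Review bot: Documentation nits in the unchanged context lines, worth a follow-up since this patch is markup-only: "Von-Neuman" in the context of @@ -45,7 +40,7 @@ should read "von Neumann"; at @@ -230,8 +225,7 @@ the text calls `strlcpy` and `strlcat` "functions" in one sentence and "instructions" in the next, and "functions" is the correct term; and "the users environment" in the context of @@ -447,7 +440,7 @@ is missing its apostrophe ("user's").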