aboutsummaryrefslogtreecommitdiff
path: root/zh_TW.Big5/books/developers-handbook/secure/chapter.xml
diff options
context:
space:
mode:
Diffstat (limited to 'zh_TW.Big5/books/developers-handbook/secure/chapter.xml')
-rw-r--r--zh_TW.Big5/books/developers-handbook/secure/chapter.xml42
1 files changed, 17 insertions, 25 deletions
diff --git a/zh_TW.Big5/books/developers-handbook/secure/chapter.xml b/zh_TW.Big5/books/developers-handbook/secure/chapter.xml
index 928f05da21..872ac15ade 100644
--- a/zh_TW.Big5/books/developers-handbook/secure/chapter.xml
+++ b/zh_TW.Big5/books/developers-handbook/secure/chapter.xml
@@ -4,21 +4,16 @@
$FreeBSD$
-->
-
- <chapter id="secure">
- <chapterinfo>
+<chapter xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink" version="5.0" xml:id="secure">
+ <info><title>Secure Programming</title>
<authorgroup>
- <author>
- <firstname>Murray</firstname>
- <surname>Stokely</surname>
- <contrib>Contributed by </contrib>
- </author>
+ <author><personname><firstname>Murray</firstname><surname>Stokely</surname></personname><contrib>Contributed by </contrib></author>
</authorgroup>
- </chapterinfo>
+ </info>
- <title>Secure Programming</title>
+
- <sect1 id="secure-synopsis"><title>Synopsis</title>
+ <sect1 xml:id="secure-synopsis"><title>Synopsis</title>
<para>This chapter describes some of the security issues that
have plagued &unix; programmers for decades and some of the new
@@ -26,7 +21,7 @@
code.</para>
</sect1>
- <sect1 id="secure-philosophy"><title>Secure Design
+ <sect1 xml:id="secure-philosophy"><title>Secure Design
Methodology</title>
<para>Writing secure applications takes a very scrutinous and
@@ -45,7 +40,7 @@
operations are rarely atomic.</para>
</sect1>
- <sect1 id="secure-bufferov"><title>Buffer Overflows</title>
+ <sect1 xml:id="secure-bufferov"><title>Buffer Overflows</title>
<para>Buffer Overflows have been around since the very
beginnings of the Von-Neuman <xref linkend="COD"/> architecture.
@@ -165,7 +160,7 @@
instruction immediately following the function call. (Inspired
by <xref linkend="Phrack"/>)</para>
-<programlisting>#include <sgmltag>stdio.h</sgmltag>
+<programlisting>#include <tag>stdio.h</tag>
void manipulate(char *buffer) {
char newbuffer[80];
@@ -236,8 +231,7 @@ int main() {
<function>strlcpy</function> and <function>strlcat</function>
functions guarantee that they will always null terminate the
destination string when given a non-zero length argument. For
- more information about these functions see <xref
- linkend="OpenBSD"/>. The OpenBSD <function>strlcpy</function> and
+ more information about these functions see <xref linkend="OpenBSD"/>. The OpenBSD <function>strlcpy</function> and
<function>strlcat</function> instructions have been in FreeBSD
since 3.3.</para>
@@ -267,9 +261,8 @@ int main() {
<indexterm><primary>gcc</primary></indexterm>
<para>StackGuard is one such add-on that is implemented as a
- small patch to the gcc code generator. From the <ulink
- url="http://immunix.org/stackguard.html">StackGuard
- website</ulink>:
+ small patch to the gcc code generator. From the <link xlink:href="http://immunix.org/stackguard.html">StackGuard
+ website</link>:
<blockquote><para>"StackGuard detects and defeats stack
smashing attacks by protecting the return address on the stack
@@ -331,7 +324,7 @@ int main() {
</sect2>
</sect1>
- <sect1 id="secure-setuid"><title>SetUID issues</title>
+ <sect1 xml:id="secure-setuid"><title>SetUID issues</title>
<indexterm><primary>seteuid</primary></indexterm>
@@ -364,7 +357,7 @@ int main() {
</sect1>
- <sect1 id="secure-chroot"><title>Limiting your program's environment</title>
+ <sect1 xml:id="secure-chroot"><title>Limiting your program's environment</title>
<indexterm><primary>chroot()</primary></indexterm>
@@ -451,8 +444,7 @@ int main() {
<para>&posix; has released a working draft that adds event
auditing, access control lists, fine grained privileges,
information labeling, and mandatory access control.</para>
- <para>This is a work in progress and is the focus of the <ulink
- url="http://www.trustedbsd.org/">TrustedBSD</ulink> project. Some
+ <para>This is a work in progress and is the focus of the <link xlink:href="http://www.trustedbsd.org/">TrustedBSD</link> project. Some
of the initial work has been committed to &os.current;
(cap_set_proc(3)).</para>
@@ -460,7 +452,7 @@ int main() {
</sect1>
- <sect1 id="secure-trust"><title>Trust</title>
+ <sect1 xml:id="secure-trust"><title>Trust</title>
<para>An application should never assume that anything about the
users environment is sane. This includes (but is certainly not
@@ -492,7 +484,7 @@ int main() {
</sect1>
- <sect1 id="secure-race-conditions">
+ <sect1 xml:id="secure-race-conditions">
<title>Race Conditions</title>
<para>A race condition is anomalous behavior caused by the