typo (i think)
Ceri Davies
ceri at FreeBSD.org
Mon Sep 29 12:08:36 PDT 2003
On Mon, Sep 29, 2003 at 05:08:53PM +0100, Mark Lumsden wrote:
> Hello,
> I'm not sure if this is the correct address to send this to or if indeed
> i've came across a typo, but on page:
>
> http://www.freebsd.org/security/security.html
>
> under the section 'Secure Programming Guidelines', in the second sentence,
> theres a part that makes sense but also doesn't quite:
>
> "Never trust any source of input, i.e. command line arguments, environment
> variables, configuration files, incoming TCP/UDP/ICMP packets, hostname
> lookups, function arguments, etc. If the length of or contents of
> the -->date<-- received is at all subject to outside control, then the
> program or function should watch for this when copying it around. Specific
> security issues to watch for in this are:"
>
> Do you think it means data?
Yes, it does. I've corrected it.
Thanks for the submission,
Ceri
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-www/attachments/20030929/605c9a7f/attachment.bin
More information about the freebsd-www
mailing list