About: Taint checking     Goto   Sponge   NotDistinct   Permalink

An Entity of Type : dbo:Work, within Data Space : dbpedia.org associated with source document(s)
QRcode icon
http://dbpedia.org/describe/?url=http%3A%2F%2Fdbpedia.org%2Fresource%2FTaint_checking&graph=http%3A%2F%2Fdbpedia.org&graph=http%3A%2F%2Fdbpedia.org

Taint checking is a feature in some computer programming languages, such as Perl, Ruby or Ballerina designed to increase security by preventing malicious users from executing commands on a host computer. Taint checks highlight specific security risks primarily associated with web sites which are attacked using techniques such as SQL injection or buffer overflow attack approaches.

AttributesValues
rdf:type
rdfs:label
  • Taint checking (en)
  • 污点检验 (zh)
rdfs:comment
  • Taint checking is a feature in some computer programming languages, such as Perl, Ruby or Ballerina designed to increase security by preventing malicious users from executing commands on a host computer. Taint checks highlight specific security risks primarily associated with web sites which are attacked using techniques such as SQL injection or buffer overflow attack approaches. (en)
  • 污点检验是某些程序语言所拥有的特性,例如Perl和Ruby,可用于增加安全性和避免恶意用户在主机上执行命令。污点会检验突出的安全风险,一般来说这些风险与那些使用SQL注入或缓冲区溢出攻击的网站相关。 污点检验的原理是任何变量(例如在网页表单区域的一个变量集)能够被外部用户修改,从而造成了潜在的安全危险。如果该变量被一个表达式赋值给第二个变量,那么第二变量也是可疑的。污点检验工具在变量间传递运行,直到外部输入潜在地影响到所有的变量。如果这些变量中任何一个变量被用于执行危险命令(例如对SQL数据库或主机操作系统的直接命令),污点检检验工具将警告该程序正在使用有潜在危险的污点变量。程序员可以通过重新设计程序来避免因危险的输入而导致的安全问题。 污点检验能够被视为一个无界面全面验证的保守近似或者是更一般化的概念。因为系统中的信息流不能通过检验一个简单的执行追踪而被验证,污点分析的结果将必然地反映关于该系统信息流特征的近似信息。 (zh)
dcterms:subject
Wikipage page ID
Wikipage revision ID
Link from a Wikipage to another Wikipage
Link from a Wikipage to an external page
sameAs
dbp:wikiPageUsesTemplate
has abstract
  • Taint checking is a feature in some computer programming languages, such as Perl, Ruby or Ballerina designed to increase security by preventing malicious users from executing commands on a host computer. Taint checks highlight specific security risks primarily associated with web sites which are attacked using techniques such as SQL injection or buffer overflow attack approaches. (en)
  • 污点检验是某些程序语言所拥有的特性,例如Perl和Ruby,可用于增加安全性和避免恶意用户在主机上执行命令。污点会检验突出的安全风险,一般来说这些风险与那些使用SQL注入或缓冲区溢出攻击的网站相关。 污点检验的原理是任何变量(例如在网页表单区域的一个变量集)能够被外部用户修改,从而造成了潜在的安全危险。如果该变量被一个表达式赋值给第二个变量,那么第二变量也是可疑的。污点检验工具在变量间传递运行,直到外部输入潜在地影响到所有的变量。如果这些变量中任何一个变量被用于执行危险命令(例如对SQL数据库或主机操作系统的直接命令),污点检检验工具将警告该程序正在使用有潜在危险的污点变量。程序员可以通过重新设计程序来避免因危险的输入而导致的安全问题。 污点检验能够被视为一个无界面全面验证的保守近似或者是更一般化的概念。因为系统中的信息流不能通过检验一个简单的执行追踪而被验证,污点分析的结果将必然地反映关于该系统信息流特征的近似信息。 (zh)
gold:hypernym
prov:wasDerivedFrom
page length (characters) of wiki page
foaf:isPrimaryTopicOf
is Link from a Wikipage to another Wikipage of
is Wikipage redirect of
is Wikipage disambiguates of
is foaf:primaryTopic of
Faceted Search & Find service v1.17_git139 as of Feb 29 2024


Alternative Linked Data Documents: ODE     Content Formats:   [cxml] [csv]     RDF   [text] [turtle] [ld+json] [rdf+json] [rdf+xml]     ODATA   [atom+xml] [odata+json]     Microdata   [microdata+json] [html]    About   
This material is Open Knowledge   W3C Semantic Web Technology [RDF Data] Valid XHTML + RDFa
OpenLink Virtuoso version 08.03.3330 as of Mar 19 2024, on Linux (x86_64-generic-linux-glibc212), Single-Server Edition (62 GB total memory, 60 GB memory in use)
Data on this page belongs to its respective rights holders.
Virtuoso Faceted Browser Copyright © 2009-2024 OpenLink Software