Ch. 11 - Vocab Flashcards
atomic operation
an operation that will always be executed without any other process being able to read or change state that is read or changed during the operation
canonicalization
transforming input data to a single, standard, minimal representation
code injection
where the input includes code that is then executed by the attacked system
command injection
input is used in the construction of a command that is executed by the system
cross-site scripting attack
input provided to a program by one user that is subsequently output to another user
defensive programming
also known as secure programming
environment variable
collection of string values inherited by each process from its parent that can affect the way a running process behaves
fuzzing
software testing technique that uses randomly generated data as inputs to a program
injection attack
when program input data can influence the flow of execution of the program
least privilege
programs should execute with the least amount of privileges needed to complete their function
memory leak
steady reduction in memory available on the heap
privilege escalation
if the privileges of the program are greater than those that are already available
race condition
when multiple processes compete to gain uncontrolled access to some resource
regular expression
a pattern composed of a sequence of characters that describes allowable input variants
secure programming
designing software so it continues to function even when under attack