
Posts tagged security

2 child tags

Use for questions dealing with the security aspects of programming (e.g. attacks against software). Always add tags related to the programming context (library, language, framework, etc.).

This tag doesn't have a detailed wiki yet.

80%
+6 −0
Q&A Which functions in the C standard library must always be avoided?

It would seem that the C standard library is a collection of diverse functions that pretty much just ended up in the standard by tradition or "accident", rather than through some careful plan or ra...

1 answer  ·  posted 1y ago by Lundin‭  ·  last activity 1y ago by Lundin‭

83%
+8 −0
Q&A Is it dangerous to use json.loads on untrusted data?

I manage a wsgi application that accepts JSON data via POST from potentially untrusted sources. Normally it is treated as a text blob and never parsed, but there is a value in the expected input th...

1 answer  ·  posted 1y ago by ajv‭  ·  last activity 1y ago by hkotsubo‭

Question python json security
60%
+1 −0
Q&A How to properly manage PGP signing key storage, access, and usage for dev and automation?

I work for an IoT company. We recently got secure boot to work for a customer-visible product. For secure boot to work, the images we generate must be signed. Obviously, we want customer-visible sy...

0 answers  ·  posted 1y ago by ghost-in-the-zsh‭  ·  edited 1y ago by ghost-in-the-zsh‭

33%
+0 −2
Q&A Is there a problem in making Captcha an HTML builtin with an attribute setting which type of Captcha

Many web login and contact form features could be set as standard HTML builtins without the need to develop a backend and/or (non HTML) frontend for them, for example: Select field Input Date...

2 answers  ·  posted 2y ago by deleted user  ·  last activity 2y ago by corporat‭

28%
+0 −3
Q&A What makes a software module an "authentication" module?

As I don't have any significant experience with internationally-standard information security literature, I would like to ask here if some international information security organization took the i...

2 answers  ·  posted 2y ago by deleted user  ·  last activity 2y ago by nelson777‭

80%
+6 −0
Q&A How to properly deal with impersonation in a Web application? (security vs. usefulness for tech support)

Context: Our team has begun migrating a pretty old internal application and one aspect that got my attention is the impersonation. This is implemented as follows: only administrators are allowed...

2 answers  ·  posted 2y ago by Alexei‭  ·  last activity 2y ago by meriton‭

50%
+0 −0
Q&A I don't want to set up DKIM, SPF and to do SMTP authentication; a hosting-provider-email-box solves this but what if I want a domain-registrar-email-box instead?

On a shared hosting (CentOS-Bash) I have a website with a backend (PHP) - frontend CMS-agnostic contact form. I need to transfer emails sent via this contact form directly to an email address (I d...

0 answers  ·  posted 2y ago by deleted user  ·  edited 2y ago by deleted user

50%
+1 −1
Q&A Running remote scripts (cloud scripts) locally --- valid and securely as possible

I use CentOS with Bash and I would like to download, execute and delete the executed downloaded file (running a remote/cloud script locally). I often prefer to load my own shell scripts from my ow...

1 answer  ·  posted 2y ago by deleted user  ·  last activity 2y ago by Peter Taylor‭

90%
+17 −0
Q&A Should a salt be stored in the same database as the hash?

To protect against dictionary and rainbow table attacks it is well known that passwords should be salted before hashing. The salt (unique to each password) gets stored with the hash, often in the s...

3 answers  ·  posted 2y ago by jla‭  ·  last activity 2y ago by Canina‭

Question security hash salt
66%
+2 −0
Q&A How to automatically run Entity Framework Core migrations for an application which uses a user with read/write rights on certain tables?

I have decided to convert a legacy database-first ASP.NET Core project to code-first. However, I have noticed that the project used the same database as another bigger project and the Entity Framew...

1 answer  ·  posted 2y ago by Alexei‭  ·  last activity 2y ago by Alexei‭