Yes, because it discloses the presence of a folder called “scripts” which is a common directory. What the?! You mean if I go to my website which has a “scripts” folder where I put all my JavaScript and I have directory browsing disabled (as I rightly should) and the server returns a 403 “Forbidden” (which it rightly should), I’m putting my internet things at risks of being pwned?! Use compilers, which are able to identify unsafe functions, logic errorsĪnd check if the memory is overwritten when and where it shouldn’t be.You may not know this, but an HTTP 403 response when browsing to an empty directory is a serious security risk. Remember that you have to do it only once. Time spent on that will benefit in theįuture. Those functions which don’t have safe equivalents should be rewritten Use safe equivalent functions, which check the buffers length, whenever
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |