Talk:Security: Difference between revisions

Latest revision as of 15:09, 6 November 2009

People seem happy enough with the new format that I have copied it to the main page.

I will just leave the Security:Template link here.

@@ Line 1: / Line 1: @@
-I am working on a revision of these guidelines. I am going to hack around on this talk page before copying the result to the main page.
+People seem happy enough with the new format that I have copied it to the main page.
-Start of new page contents.
+I will just leave the [[Security:Template]] link here.
------------
-This page describes how to write secure Moodle code, that is not vulnerable to security vulnerabilities.
-The page is organised around the common types of security vulnerability. For each one, it explains what the danger is, and then to write Moodle code that avoids that vulnerability. Each vulnerability is described on a separate page, see the list below. This page also contains a summary of all the guidelines for writing secure code.
-==Common types of security vulnerability==
-* [[Security:Cross-site_request_forgery|Cross-site request forgery]]
-* Cross-site scripting
-* SQL injection
-* Command-line injection
-* Confidential information leakage
-* Configuration information leakage
-* Unauthorised access
-* Unauthenticated access
-* Session fixation
-* Denial of service
-* Brute-forcing login
-* Insecure configuration management
-* Buffer overruns, and other platform weaknesses
-* Social engineering
-==Summary of the guidelines==
-* TODO
-==See also==
-* [[Coding]]
-CategoryDeveloper
-Category:Security
-------
-End of new page contents.
-Please comment below.