方法、类型和可被定义为不安全的代码块。
要编写安全的代码,必须首先了解您的应用面临的威胁。
To write secure code, you must first understand the threats to which your work is exposed.
这是一个典型的症状是不是线程安全的代码。
这样也会帮助使用者和开发者下次能够据此问题写出更安全的代码。
This also serves to the user or developer as a lesson to write more secure code next time around.
CWE还为程序员提供了编写更安全的代码所需要的更详细的内容。
CWE also provides more details needed for programmers to write more secure code.
不支持标准的。NET类库,因为它包含了不安全的代码。
Does not support the standard.net class library due to its inclusion of unsafe code?
另一个是个人客户,他在站点安全性方面比较宽松,可能将不安全的代码上载到这个站点。
The other is an individual customer who is lax about site security and is known to upload insecure code to his site.
若要确定所使用的语言编译器是否生成可验证为类型安全的代码,请参见编译器的文档。
To determine whether the language compiler you use generates verifiably type-safe code, consult the compiler's documentation.
如果调用方会影响代码生成,这一问题会更加恶化,所以您必须保证只生成您认为安全的代码。
The problem worsens when the caller can influence code generation, so you must ensure that only code you consider safe is generated.
这种方法根本不会产生安全的代码,因为您无法创建足够多的测试来涵盖攻击者能做到的所有稀奇古怪的事情。
That approach simply won't produce secure code, because you can't create enough tests to represent all the odd things an attacker can do.
通过强类型数据结构来使用webservice,使用它支持的数据结构和易于使用的接口来维护快速并安全的代码。
Using web services via strongly typed data structures and maintaining rapid and safe codes with its supporting data structures and easy to use interface.
从表面上看,锁省略似乎可以允许我们不必忍受同步带来的负担,就可以编写线程安全的代码了,前提是在同步的确是多余的情况下。
On the surface it looks as though lock elision allows us to write thread safe code without any synchronization penalty for using in cases where it really wasn't needed.
但是,如果代码以任意偏移量访问内存,该偏移量超出了属于该对象的公开字段的内存范围,则它就不是类型安全的代码。
However, if the code accesses memory at arbitrary offsets outside the range of memory that belongs to that object's publicly exposed fields, it is not type-safe.
因为类型安全的代码不会导致内存错误,所以使用应用程序域可以确保在一个域中运行的代码不会影响进程中的其他应用程序。
Because type-safe code cannot cause memory faults, using application domains ensures that code running in one domain cannot affect other applications in the process.
坚固的代码是一种突破,并注入这样一种心态:安全的代码同样应该成为引以为傲的源泉,就像优雅的、表现出色的高质量代码一样。
Rugged code is a way of breaking through and instilling a mindset that secure code should be a pride-of-ownership issue just as much as elegant, high performing, and high quality code is.
由于公共语言运行时能够验证代码是否为类型安全的代码,所以它可以提供与进程边界一样大的隔离级别,而其性能开销则要低得多。
The ability to verify code as type-safe enables the common language runtime to provide as great a level of isolation as the process boundary, at a much lower performance cost.
另一种是找到确保软件开发人员编写的代码中有更少的缺陷的方法,这样黑客就有更少的安全漏洞可以利用。
Another is to find ways to ensure that software developers produce code with fewer flaws in it so that hackers have fewer security holes to exploit.
注意这样的代码是完全线程安全的。
优良的PHP代码应该是安全的。
例如,CLASP为开发人员提供了一个安全代码指南的例子。
For instance, CLASP provides an example set of secure coding guidelines for developers.
编写安全代码的技巧。
静态类型可以提供更好的安全性,而且显然还可以提高代码的可读性。
Static typing possibly enables better security and definitely improves code readability in places.
按需脚本可能包含打算攻击XXS等安全漏洞的恶意代码。
On-demand scripts can include malicious code aimed at exploiting security vulnerabilities such as XSS.
这表示下面的代码不是线程安全的。
What this means is that the following code is not thread safe!
Jt框架还使用声明安全性来避免编写易出错的安全代码。
The Jt framework also uses declarative security which avoids the need for error-prone security coding.
最后,清单14中的代码负责安全删除解密文本文件,从而去除任何存储在磁盘上的纯文本信息。
Finally the code in Listing 14 handles the secure deletion of the decrypted text file to remove any clear text information stored on disk.
这些工具帮助用户利用我们在内部使用多年的工具,编写自己的安全和高质量的托管代码或原生代码。
This helped customers write secure and quality code for managed and native platforms using the same tools that we had been using internally for years.
它的好处—就代码安全和简单性而言,甚至经常就性能而言—是巨大的。
Its benefits - in terms of code safety and simplicity, and often even in terms of performance - are enormous.
它的好处—就代码安全和简单性而言,甚至经常就性能而言—是巨大的。
Its benefits - in terms of code safety and simplicity, and often even in terms of performance - are enormous.
应用推荐