This just means that the program checked if a situation was OK, then later used that information, but an attacker can change the situation between those two steps.
Thinking like a cracker is the next step in defending your code.
With the system compromised, the attacker carries out whatever the next step may be, whether it's to gather data or compromise another system.