Changes between Version 2 and Version 3 of ProjectSecurity


Ignore:
Timestamp:
04/27/07 12:28:17 (11 years ago)
Author:
KSMarksPsych
Comment:

Updated links to point to wiki pages.

Legend:

Unmodified
Added
Removed
Modified
  • ProjectSecurity

    v2 v3  
    11= Project security =
    22
    3 Before creating a BOINC project, read about [http://boinc.berkeley.edu/security.php security issues in volunteer computing]. BOINC provides mechanisms that address the major issues, making volunteer computing safe both for you and for participants.
     3Before creating a BOINC project, read about [SecurityIssues security issues in volunteer computing]. BOINC provides mechanisms that address the major issues, making volunteer computing safe both for you and for participants.
    44
    55'''If you don't use these mechanisms correctly, your project will be vulnerable to a variety of attacks. In the worst case, your project could be used as a vector to distribute malicious software to large numbers of computers. This would be fatal to your project, and would cause serious damage to volunteer computing in general.'''
     
    1111 * Read about [http://dev.mysql.com/doc/refman/5.0/en/security-guidelines.html MySQL general security guidelines], and make your MySQL server as secure as possible.
    1212 * Make sure your application doesn't become infected. Secure your source-code repository, and examine all checkins. If your application uses third-party libraries, make sure they're safe. Read about [http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/index.html Secure Programming for Linux and Unix], especially if your application does network communication.
    13  * Use BOINC's [http://boinc.berkeley.edu/code_signing.php code-signing mechanism], and use a disconnected and physically secure code-signing computer.
     13 * Use BOINC's [CodeSigning code-signing mechanism], and use a disconnected and physically secure code-signing computer.
    1414