C and C++: A Security Perspective Security Beyond Memory Safety Using Modern C++ to Avoid Vulnerabilities by DesignMax Hoffmann Security Beyond Memory Safety CppCon 2024 2 Security Beyond Memory Safety Hoffmann Security Beyond Memory Safety CppCon 2024 3 FIFTY SHADES OF SHOOTING YOURSELF IN THE FOOT WITH A RAILGUNMax Hoffmann Security Beyond Memory Safety CppCon 2024 4Max Hoffmann Security Beyond yearsMax Hoffmann Security Beyond Memory Safety CppCon 2024 6Max Hoffmann Security Beyond Memory Safety CppCon 2024 7Max Hoffmann Security Beyond Memory Safety CppCon 2024 8Max Hoffmann Security Beyond Memory

Embracing an Adversarial Mindset for C++ Security Amanda Rousseau 9/18/2024 This presentation is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY1 Strategies for Secure C++ DevelopmentWHOAMI 0x401006 Microsoft 0x40100C Offensive 0x40100F Research & Security 0x401018 Engineering 0x40101A (MORSE) CURRENT 0x401000 MALWARE UNICORN AMANDA ROUSSEAU 0x402001 perspectiveFactors Influencing Trends Increased Security Awareness and Practices Adoption of Modern Technologies •secure coding, regular patching, comprehensive security testing •Improved Discovery Methods -

Spring Security Shiro Plugin - Reference Documentation Burt Beckwith Version 3.1.2.BUILD-SNAPSHOT Table of Contents 1. Introduction to the Spring Security Shiro Plugin . . . . . . . . . . . . . . Chapter 1. Introduction to the Spring Security Shiro Plugin The Spring Security Shiro plugin adds some support for using a hybrid approach combining Spring Security and Shiro. It currently only supports supports Shiro ACLs, since Spring Security ACLs are very powerful but can be very cumbersome to use, and the Shiro approach is straightforward and simple. The majority of the authentication and authorization

1 Shiro support for the Spring Security plugin Table of contents 2 Shiro support for the Spring Security plugin - Reference Documentation Authors: Burt Beckwith Version: 0.1 Table of Contents 1 Introduction The Spring Security Shiro plugin adds some support for using a hybrid approach combining Spring Security and . It currently only supports Shiro ACLs, since Spring Security ACLs are very Shiro authentication and authorization work is still done by Spring Security. This plugin listens for Spring Security authentication events and uses the Spring Security Authentication instance to build and register a Shiro

the Spring Security plugin Shiro support for the Spring Security plugin - Reference Documentation Authors: Burt Beckwith Version: 1.0.0 Table of Contents 1 Introduction to the Spring Security Shiro Plugin Spring Security Shiro Plugin The Spring Security Shiro plugin adds some support for using a hybrid approach combining Spring and . It currently only supports Shiro ACLs, since Spring Security ACLs are are very Security Shiro powerful but can be very cumbersome to use, and the Shiro approach is straightforward and simple. The majority of the authentication and authorization work is still done by Spring

240 9.34.1 Setting up USB/IP support on a Linux system . . . . . . . . . . . . . . . 240 9.34.2 Security considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . 241 9.35 VISO file format / 2 VM aborts with out of memory errors on Solaris 10 hosts . . . . . . . . 275 13 Security guide 277 13.1 General Security Principles . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277 13.2 . . . . . . . . . . . . . . . . . 278 13.3 Security Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278 13.3.1 The Security Model . . . . . . . . . . . . . . . . . . .

10 hosts . . . . . . . . 225 13 Security guide 227 13.1 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227 13.1.1 General Security Principles . . . . . . . . . . . . . . . . . . . . . . . . . . 228 13.3 Security Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228 13.3.1 The Security Model . . . . . . . . . . . . . . . . . . . host is required). 2. Currently only Linux and Solaris Guest Additions support symlinks. 3. For security reasons the guest OS is not allowed to create symlinks by default. If you trust the guest OS to

potential security risk, so it is recommended to avoid it where possible. Since version 4.2 django CMS itself has removed any inline JavaScript from its code base to allow for meaningful Content Security Policy this module do sanity checks on arguments. Warning None of the functions in this module does any security or permission checks. They verify their input values to be sane wherever possible, however permission “text” field. exception DoesNotExist exception MultipleObjectsReturned classmethod fix_tree(**kwargs) Fixes the plugin tree by first calling treebeard fix_tree and the recalculating the correct position property

my_placeholder = PlaceholderField(my_placeholder_slotname) # your methods Warning For security reasons the related_name for a PlaceholderField may not be suppressed using '+'; this allows the briefly describe the feature and the intended goal and benefits. Bugs To be accepted, proposed bug fixes should have at least: inline documentation (comments and docstrings) in the critical areas of the this module do sanity checks on arguments. Warning None of the functions in this module does any security or permission checks. They verify their input values to be sane wherever possible, however permission

my_placeholder = PlaceholderField(my_placeholder_slotname) # your methods Warning For security reasons the related_name for a PlaceholderField may not be suppressed using '+'; this allows the briefly describe the feature and the intended goal and benefits. Bugs To be accepted, proposed bug fixes should have at least: inline documentation (comments and docstrings) in the critical areas of the this module do sanity checks on arguments. Warning None of the functions in this module does any security or permission checks. They verify their input values to be sane wherever possible, however permission