secure-coding.rst - OpenGrok cross reference for /Zephyr-latest/doc/security/secure-coding.rst

Lines Matching refs:be
14 uncontrolled access can be devastating [#attackf]_.
41 should have.  This knowledge will be necessary for the review process
49 Finally, the document covers how changes are to be made to this
55 Designing an open software system such as Zephyr to be secure requires
61   protection mechanisms cannot be kept secret on any system in
64   well established cryptographic libraries shall be used.
67   system shall be kept as simple and small as possible. In the context
68   of the Zephyr project, this can be realized, e.g., by modular code
72   process needs to be authenticated first. Mechanisms to store access
73   conditions shall be avoided if possible.
78   Furthermore, default settings for services shall be chosen in a way
83   more need to be satisfied before access is granted. In the context
93   than one user or process shall not be shared if not strictly
94   required. The example given in [SALT75]_ is a function that should be
110   shall be used.
114   shall not be enabled by default if they are only rarely used (a
116   be realized using the configuration management. Each functionality
117   and module shall be represented as a configuration option and needs
118   to be explicitly enabled. Then, all features, protocols, and drivers
119   not required for a particular use case can be disabled. The user
120   shall be notified if low-level options and APIs are enabled but not
126   validation phase. In each stage, appropriate documentation shall be
127   provided. All commits shall be related to a bug report or change
129   shall be denied.
147   projects' installation shall be secure by default)
149 - complete mediation (every access that might be limited must be
150   checked for authority and be non-bypassable)
173 - psychological acceptability (the human interface must be designed
179 - input validation with whitelists (inputs should typically be checked
192 Developers would typically be considered primary developers if they
230 There shall be a "Zephyr Security Subcommittee", responsible for
234 This team will be established according to the Zephyr Project charter.
240 required to go through.  Each change shall be reviewed by at least one
253 that can be used to record and track defects that are found in the
261 Subcommittee. In addition, there shall be a
265 This embargo, or limited visibility, shall only be for a fixed
268 project itself, it may be necessary to increase this embargo time.
269 The time necessary shall be clearly annotated in the issue itself.
271 The list of issues shall be reviewed at least once a month by the
273 tracking the fixes, determining if any external parties need to be
275 issue.  The embargo should **not** be lifted via an automated means, but
282 Changes to this document shall be reviewed by the Zephyr Security Subcommittee,