Strategies for security – Python
We have discussed quite a few vulnerabilities that exist in the core Python programming language, and also taken a look at some of the common security issues affecting Python web applications.
The time is ripe now to go through strategies—tips and techniques that a security architect can use so that their team can apply secure coding principles to mitigate security issues right from the stage of program design and development:
- Reading input: While reading console input, prefer raw input over
input, as the former doesn't evaluate Python expressions, but returns input as plain strings. Any type conversions or validations should be done manually, and exceptions are thrown or errors returned if types don't match. For ...