Appendix S: SDL-Agile High-Risk Code
The following defines the highest risk code (at the time of writing) that should receive greater scrutiny if the code is legacy code and should be written with the greatest care if the code is new code.
- Windows services and *nix daemons listening on network connections
- Windows services running as SYSTEM or *nix daemons running as root
- Code listening on unauthenticated network ports connections
- ActiveX controls
- Browser protocol handlers (for example, about: or mms:)
- setuid root applications on *nix
- Code that parses data from untrusted (non-admin or remote) files
- File parsers or MIME handlers
Content Disclaimer
This documentation is not an exhaustive reference on the SDL process as practiced at Microsoft. Additional assurance work may be performed by product teams (but not necessarily documented) at their discretion. As a result, this example should not be considered as the exact process that Microsoft follows to secure all products. This documentation is provided “as-is.” Information and views expressed in this document, including URL and other Internet website references, may change without notice. You bear the risk of using it. This documentation does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes. © 2012 Microsoft Corporation. All rights reserved. Licensed under Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported |