feat: translating security section

pull/867/head
geovanasilva 2024-06-16 17:34:03 -03:00
parent 3c027f61ae
commit 57a50147d0
1 changed files with 11 additions and 11 deletions

@ -166,7 +166,7 @@ Review the [Contributing Guidelines](CONTRIBUTING.md).
* [User datagram protocol (UDP)](#user-datagram-protocol-udp) * [User datagram protocol (UDP)](#user-datagram-protocol-udp)
* [Remote procedure call (RPC)](#remote-procedure-call-rpc) * [Remote procedure call (RPC)](#remote-procedure-call-rpc)
* [Representational state transfer (REST)](#representational-state-transfer-rest) * [Representational state transfer (REST)](#representational-state-transfer-rest)
* [Security](#security) * [Segurança](#segurança)
* [Appendix](#appendix) * [Appendix](#appendix)
* [Powers of two table](#powers-of-two-table) * [Powers of two table](#powers-of-two-table)
* [Latency numbers every programmer should know](#latency-numbers-every-programmer-should-know) * [Latency numbers every programmer should know](#latency-numbers-every-programmer-should-know)
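Review bot: The renamed anchor in the table-of-contents entry `[Segurança](#segurança)` stays valid only if every other in-page link to the old `#security` anchor is updated as well. This hunk touches just the one TOC line, so search the file for remaining `#security` references before merging. The neighbouring entries (`Appendix`, `Powers of two table`) are still in English, so the TOC will mix languages until those sections are translated too.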
@ -1557,21 +1557,21 @@ REST is focused on exposing data. It minimizes the coupling between client/serv
* [Thrift](https://code.facebook.com/posts/1468950976659943/) * [Thrift](https://code.facebook.com/posts/1468950976659943/)
* [Why REST for internal use and not RPC](http://arstechnica.com/civis/viewtopic.php?t=1190508) * [Why REST for internal use and not RPC](http://arstechnica.com/civis/viewtopic.php?t=1190508)
## Security ## Segurança
This section could use some updates. Consider [contributing](#contributing)! Esta seção precisa de algumas atualizações. Considere [contribuir](#contributing)!
Security is a broad topic. Unless you have considerable experience, a security background, or are applying for a position that requires knowledge of security, you probably won't need to know more than the basics: Segurança é um tópico abrangente. A não ser que você tenha uma experiência considerável, background, ou possa estar aplicando para uma posição que exija conhecimento em segurança, você provavelmente não irá precisar conhecer muito além do básico:
* Encrypt in transit and at rest. * Criptografe dados em trânsito e em repouso.
* Sanitize all user inputs or any input parameters exposed to user to prevent [XSS](https://en.wikipedia.org/wiki/Cross-site_scripting) and [SQL injection](https://en.wikipedia.org/wiki/SQL_injection). * Sanitize todas as entradas do usuário ou quaisquer parâmetros de entrada expostos ao usuário para evitar [XSS](https://en.wikipedia.org/wiki/Cross-site_scripting) e [Injeção de SQL](https://en.wikipedia.org/wiki/SQL_injection).
* Use parameterized queries to prevent SQL injection. * Use consultas SQL parametrizadas para prevenir injeção de SQL.
* Use the principle of [least privilege](https://en.wikipedia.org/wiki/Principle_of_least_privilege). * Use o princípio do [privilégio mínimo](https://en.wikipedia.org/wiki/Principle_of_least_privilege).
### Source(s) and further reading ### Fonte(s) e leituras adicionais
* [API security checklist](https://github.com/shieldfy/API-Security-Checklist) * [Checklist de segurança para API's](https://github.com/shieldfy/API-Security-Checklist)
* [Security guide for developers](https://github.com/FallibleInc/security-guide-for-developers) * [Guia de segurança para desenvolvedores](https://github.com/FallibleInc/security-guide-for-developers)
* [OWASP top ten](https://www.owasp.org/index.php/OWASP_Top_Ten_Cheat_Sheet) * [OWASP top ten](https://www.owasp.org/index.php/OWASP_Top_Ten_Cheat_Sheet)
## Appendix ## Appendix
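Review bot: The translated intro sentence drops a qualifier: the original "a security background" becomes a bare "background", which no longer says what kind of background is meant. Suggest something like "experiência considerável, formação em segurança, ou esteja se candidatando a uma vaga que exija conhecimento em segurança". In the further-reading list, "API's" uses an apostrophe for a plural and should read "APIs". The `[contribuir](#contributing)` link still targets the English anchor, so confirm that the Contributing heading has not been renamed elsewhere in this translation.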