Secure Programming for Linux and Unix HOWTO
Prev		Next

Chapter 6. Structure Program Internals and Approach

	Like a city whose walls are broken down is a man who lacks self-control.
	Proverbs 25:28 (NIV)

Table of Contents

6.1. Secure the Interface

6.2. Minimize Privileges

6.2.1. Minimize the Privileges Granted
6.2.2. Minimize the Time the Privilege Can Be Used
6.2.3. Minimize the Time the Privilege is Active
6.2.4. Minimize the Modules Granted the Privilege
6.2.5. Consider Using FSUID To Limit Privileges
6.2.6. Consider Using Chroot to Minimize Available Files
6.2.7. Consider Minimizing the Accessible Data

6.3. Avoid Creating Setuid/Setgid Scripts

6.4. Configure Safely and Use Safe Defaults

6.5. Fail Safe

6.6. Avoid Race Conditions

6.6.1. Sequencing (Non-Atomic) Problems
6.6.2. Locking

6.7. Trust Only Trustworthy Channels

6.8. Use Internal Consistency-Checking Code

6.9. Self-limit Resources

Prev	Home	Next
Other Languages		Secure the Interface