This book describes a set of guidelines for writing secure programs on Linux and Unix systems. For purposes of this book, a “secure program” is a program that sits on a security boundary, taking input from a source that does not have the same access rights as the program.
Such programs include application programs used as viewers of remote data, web applications (including CGI scripts), network servers, and setuid/setgid programs. This book does not address modifying the operating system kernel itself, although many of the principles discussed here do apply. These guidelines were developed as a survey of “lessons learned” from various sources on how to create such programs (along with additional observations by the author), reorganized into a set of larger principles. This book includes specific guidance for a number of languages, including C, C++, Java, Perl, PHP, Python, Tcl, and Ada95.
Table of Contents
- Summary of Linux and Unix Security Features
- Security Requirements
- Validate All Input
- Avoid Buffer Overflow
- Structure Program Internals and Approach
- Carefully Call Out to Other Resources
- Send Information Back Judiciously
- Language-Specific Issues
- Special Topics
Format(s): PDF, PostScript, HTML, RTF
File size: 674 KB
Number of pages: 168
Link: Download or read online.