Secure Programming for Linux and Unix HOWTO (PDF 168P)
Secure Programming for Linux and Unix HOWTO (PDF 168P)
Secure Programming for Linux and Unix HOWTO (PDF 168P)
This note covers the following topics: background, history of unix,
linux, and open source, security principles, why do programmers write insecure
code?, is open source good for security?, types of secure programs, paranoia is
a virtue, why did i write this document?, sources of design and implementation
guidelines, other sources of security information, document conventions, summary
of linux and unix security features, processes, files, system v ipc, sockets and
network connections, signals, quotas and limits, dynamically linked libraries,
audit, pam, specialized security extensions for unix-like systems, security
requirements, common criteria introduction, security environment and
objectives,validate all input, command line, environment variables, file
descriptors, file names, file contents, web-based application inputs (especially
cgi scripts), other inputs, human language (locale) selection, character
encoding, prevent cross-site malicious content on input, filter html/uris that
may be re-presented, remove or forbid some html data, encoding html data,
validating html data, validating hypertext links (uris/urls), other html tags,
related issues, forbid http get to perform non-queries, counter spam, limit
valid input time and load level, avoid buffer overflow, dangers in c/c++,
library solutions in c/c++, standard c library solution, static and dynamically
allocated buffers, strlcpy and strlcat, libmib, c++ std
This PDF covers the following topics
related to UNIX Security : Overview of UNIX System, Privileges in UNIX,
Attackers, Threats to UNIX Systems, Classes of Security Flaws, Improper Choice
of Initial Protection Domain, Network, Solutions, etc.
Author(s): Matt Bishop, Dept. of Computer
Science, University of California at Davis
This manual is an
introduction to Linux system administration. It covers, after an introduction to
the significance and problems of system administration, the basics of process,
user account, and access control management, the management of disk partitions,
file systems, and quotas, common boot loaders, the system start and shutdown
process, PC hardware, and library and package management.
This note covers the following topics: background, history of unix,
linux, and open source, security principles, why do programmers write insecure
code?, is open source good for security?, types of secure programs, paranoia is
a virtue, why did i write this document?, sources of design and implementation
guidelines, other sources of security information, document conventions, summary
of linux and unix security features, processes, files, system v ipc, sockets and
network connections, signals, quotas and limits, dynamically linked libraries,
audit, pam, specialized security extensions for unix-like systems, security
requirements, common criteria introduction, security environment and
objectives,validate all input, command line, environment variables, file
descriptors, file names, file contents, web-based application inputs (especially
cgi scripts), other inputs, human language (locale) selection, character
encoding, prevent cross-site malicious content on input, filter html/uris that
may be re-presented, remove or forbid some html data, encoding html data,
validating html data, validating hypertext links (uris/urls), other html tags,
related issues, forbid http get to perform non-queries, counter spam, limit
valid input time and load level, avoid buffer overflow, dangers in c/c++,
library solutions in c/c++, standard c library solution, static and dynamically
allocated buffers, strlcpy and strlcat, libmib, c++ std