linux,faqs,howtos,man,forum,squid,mount,ntfs,bandwidth,gnu,opensource,directory
  
Home | Forum | MAN Pages | Tutorials | Directory | HOWTOs | About Me | Contact
You are Browsing Linux HOWTOS
 
FAQS
- Advanced Routing & Traffic Control
- General FAQ
- Squid Proxy Server
- Sendmail
- Fetchmail
- Postfix
- Connecting Mobile Phone
- Paging from Linux
- Standard Commands
- Some common terms
Linux HOWTOs
- Single List of HOWTOs
- 3-Button-Mouse
- Bootdisk-HOWTO
- Cipe+Masq
- Diskless HOWTO
- IBM7248 HOWTO
- Font HOWTO
- - Infrared-HOWTO
- Keyboard-and-Console-HOWTO
- Linux+XFS-HOWTO
- MultiOS-HOWTO
- OLSR-IPv6-HOWTO
- Portuguese-HOWTO
- Samba-Authenticated-Gateway-HOWTO
- SMB-HOWTO
- Traffic-Control-HOWTO
- User-Authentication-HOWTO
- VPN-HOWTO
- Winmodems-and-Linux-HOWTO
- Xinerama-HOWTO

- ADSL Bandwidth Management
- Compile Apache
- Make a Bootdisk
- Linux-Windows9x-Grub
- Linux-Windows
- Linux Crash Recovery
- Optimise Squid
- Block websites in Squid
- Broadcast webcam in linux
- Compile RedHat Linux kernel
- Implement Firewall Security
- Increase Harddrive Performance
- Mount NTFS filesystem
- Patch / rebuild SRPM
- Secure Linux
- Set up a DHCP Server
- Set up an FTP server
- Set up Linux as a Router
- Use Cron
- Samba
Miscellaneous
- All Ports
- Spammers fetch email addresses
- Mounting NTFS in linux
- Linux Gazette
- Linux Directory
- Linux Man

linux,man,pages,linux man pages,squid,ntfs,mount
  

Secure Programming for Linux and Unix HOWTO

David A. Wheeler

v3.010 Edition

Copyright © 1999, 2000, 2001, 2002, 2003 David A. Wheeler

v3.010, 3 March 2003

This book provides a set of design and implementation guidelines for writing secure programs for Linux and Unix systems. Such programs include application programs used as viewers of remote data, web applications (including CGI scripts), network servers, and setuid/setgid programs. Specific guidelines for C, C++, Java, Perl, PHP, Python, Tcl, and Ada95 are included. For a current version of the book, see http://www.dwheeler.com/secure-programs

Table of Contents
1. Introduction
2. Background
2.1. History of Unix, Linux, and Open Source / Free Software
2.2. Security Principles
2.3. Why do Programmers Write Insecure Code?
2.4. Is Open Source Good for Security?
2.5. Types of Secure Programs
2.6. Paranoia is a Virtue
2.7. Why Did I Write This Document?
2.8. Sources of Design and Implementation Guidelines
2.9. Other Sources of Security Information
2.10. Document Conventions
3. Summary of Linux and Unix Security Features
3.1. Processes
3.2. Files
3.3. System V IPC
3.4. Sockets and Network Connections
3.5. Signals
3.6. Quotas and Limits
3.7. Dynamically Linked Libraries
3.8. Audit
3.9. PAM
3.10. Specialized Security Extensions for Unix-like Systems
4. Security Requirements
4.1. Common Criteria Introduction
4.2. Security Environment and Objectives
4.3. Security Functionality Requirements
4.4. Security Assurance Measure Requirements
5. Validate All Input
5.1. Command line
5.2. Environment Variables
5.3. File Descriptors
5.4. File Names
5.5. File Contents
5.6. Web-Based Application Inputs (Especially CGI Scripts)
5.7. Other Inputs
5.8. Human Language (Locale) Selection
5.9. Character Encoding
5.10. Prevent Cross-site Malicious Content on Input
5.11. Filter HTML/URIs That May Be Re-presented
5.12. Forbid HTTP GET To Perform Non-Queries
5.13. Counter SPAM
5.14. Limit Valid Input Time and Load Level
6. Avoid Buffer Overflow
6.1. Dangers in C/C++
6.2. Library Solutions in C/C++
6.3. Compilation Solutions in C/C++
6.4. Other Languages
7. Structure Program Internals and Approach
7.1. Follow Good Software Engineering Principles for Secure Programs
7.2. Secure the Interface
7.3. Separate Data and Control
7.4. Minimize Privileges
7.5. Minimize the Functionality of a Component
7.6. Avoid Creating Setuid/Setgid Scripts
7.7. Configure Safely and Use Safe Defaults
7.8. Load Initialization Values Safely
7.9. Fail Safe
7.10. Avoid Race Conditions
7.11. Trust Only Trustworthy Channels
7.12. Set up a Trusted Path
7.13. Use Internal Consistency-Checking Code
7.14. Self-limit Resources
7.15. Prevent Cross-Site (XSS) Malicious Content
7.16. Foil Semantic Attacks
7.17. Be Careful with Data Types
8. Carefully Call Out to Other Resources
8.1. Call Only Safe Library Routines
8.2. Limit Call-outs to Valid Values
8.3. Handle Metacharacters
8.4. Call Only Interfaces Intended for Programmers
8.5. Check All System Call Returns
8.6. Avoid Using vfork(2)
8.7. Counter Web Bugs When Retrieving Embedded Content
8.8. Hide Sensitive Information
9. Send Information Back Judiciously
9.1. Minimize Feedback
9.2. Don't Include Comments
9.3. Handle Full/Unresponsive Output
9.4. Control Data Formatting (Format Strings/Formatation)
9.5. Control Character Encoding in Output
9.6. Prevent Include/Configuration File Access
10. Language-Specific Issues
10.1. C/C++
10.2. Perl
10.3. Python
10.4. Shell Scripting Languages (sh and csh Derivatives)
10.5. Ada
10.6. Java
10.7. Tcl
10.8. PHP
11. Special Topics
11.1. Passwords
11.2. Authenticating on the Web
11.3. Random Numbers
11.4. Specially Protect Secrets (Passwords and Keys) in User Memory
11.5. Cryptographic Algorithms and Protocols
11.6. Using PAM
11.7. Tools
11.8. Windows CE
11.9. Write Audit Records
11.10. Physical Emissions
11.11. Miscellaneous
12. Conclusion
13. Bibliography
A. History
B. Acknowledgements
C. About the Documentation License
D. GNU Free Documentation License
E. Endorsements
F. About the Author
List of Tables
5-1. Legal UTF-8 Sequences
List of Figures
1-1. Abstract View of a Program
  Next
  Introduction
  
Random Linux Commands
Shell
The command-line user interface. Various shells are available under Linux, the most popular of which is Bash. Shells create an environment for you to work in, and do this by providing shortcuts, scripting facilities and customized prompts.

Common Linux terms
Linux-FAQs Search
linux,faqs,howto,howtos,man,manpages,directory,forum


Linux-FAQs Forum Categories
- About Forum
- Hardware Troubleshooting in Linux
- Linux Entertainment
- Resources
- Software toubleshooting and configuration
Linux-FAQs Man Pages
- About Forum
- Hardware Troubleshooting in Linux
- Linux Entertainment
- Resources
- Software toubleshooting and configuration
All Linux-FAQs Forums
- Crash Recovery
- FAQs
- Forum Talk
- Games
- General
- Linux Audio Support
- Linux Hardware / Driver
- Linux Installation Support
- Linux misc.
- Linux Networking
- Linux Newbies
- Linux Printing Support
- Linux Security
- Linux Video Support
- Mail Server
- Multimedia
- Tutorials
- Web Proxy Server
- Web Server

linux,man,man pages,faqs,howtos,forum
  
Powered by HTML
Linux-faqs.com Copyright, All rights reserved www.linux-faqs.com. Peeyush Maurya.