Contents
in Detail
xxi
37.3
Guidelines for Writing Daemons ................................................................................. 771
37.4
Using SIGHUP to Reinitialize a Daemon ......................................................................... 772
37.5
Logging
Messages and Errors Using
syslog
................................................................... 775
37.5.1
Overview............................................................................................. 775
37.5.2
The
syslog
API ....................................................................................... 777
37.5.3
The /etc/syslog.conf File ...................................................................... 781
37.6
Summary.................................................................................................................. 782
37.7
Exercise ................................................................................................................... 782
38
WRITING SECURE PRIVILEGED PROGRAMS
783
38.1
Is a Set-User-ID or Set-Group-ID Program Required? ....................................................... 784
38.2
Operate with Least Privilege ....................................................................................... 784
38.3
Be Careful When Executing a Program ........................................................................ 787
38.4
Avoid Exposing Sensitive Information........................................................................... 788
38.5
Confine the Process ................................................................................................... 789
38.6
Beware of Signals and Race Conditions....................................................................... 790
38.7
Pitfalls When Performing File Operations and File I/O................................................... 790
38.8
Don’t Trust Inputs or the Environment............................................................................ 791
38.9
Beware of Buffer Overruns ......................................................................................... 792
38.10 Beware of Denial-of-Service Attacks ............................................................................. 793
38.11 Check Return Statuses and Fail Safely .......................................................................... 794
38.12 Summary.................................................................................................................. 795
38.13 Exercises .................................................................................................................. 796
Chia sẻ với bạn bè của bạn: