If your program creates files, the default file permissions are controlled by the umask of the user
executing the program and/or a umask that you might specifically set at runtime using the umask()
system call. Naturally, your program cannot create, delete, or modify files or directories if it doesn't
have the necessary privileges. The Linux development environment also makes it possible for a
program to drop or add privileges at runtime by calling functions that change its UID or GID.
Programming in Linux Part VI
The impact of the Linux security model on programming is two-fold. First, the same rules and
restrictions that affect running programs and other elements of normal system usage also affect the
process of creating programs and what those programs can do. This effect is no more than the logical
consequence of the Linux security model itself. Programmatically, however, you have more
ways, or perhaps more finely grained ways, to interact with the security subsystem than you do as
a normal user of the system.
The second effect of the Linux security model is that it places a significant burden on
programmers to write secure code. For example, an e-mail program that stores usernames and
passwords in a text file that is unencrypted and/or readable by any user (often called
world-readable) is just as insecure as a program that fails to check user input for
buffer overflows.
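The umask behavior and the world-readable credential file described above can be seen in one short program. This is an added example, not code from the book; the scratch path and the function names created_mode() and is_owner_only() are assumptions made for the illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Create a scratch file under `mask`, asking for `requested` permissions,
 * and return the permission bits the kernel actually applied (-1 on error).
 * The path is a constructed scratch name used only for this demonstration. */
int created_mode(mode_t mask, mode_t requested)
{
    char path[64];
    struct stat st;
    snprintf(path, sizeof path, "/tmp/umask-demo-%ld", (long)getpid());

    mode_t old = umask(mask);          /* install the mask, remember the old one */
    /* O_EXCL: fail rather than reuse an existing file or follow a symlink. */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, requested);
    umask(old);                        /* restore the caller's mask */
    if (fd < 0)
        return -1;

    int rc = fstat(fd, &st);           /* inspect the open descriptor, not the name */
    close(fd);
    unlink(path);
    return rc == 0 ? (int)(st.st_mode & 0777) : -1;
}

/* A credential file must grant nothing to group or other. */
int is_owner_only(int mode)
{
    return mode >= 0 && (mode & 077) == 0;
}

int main(void)
{
    int loose = created_mode(022, 0666);   /* common default mask: world-readable */
    int tight = created_mode(077, 0600);   /* explicit owner-only request */
    int saved = created_mode(077, 0666);   /* restrictive mask trims a careless mode */

    printf("umask 022, mode 0666 -> %04o owner-only=%d\n",
           (unsigned)loose, is_owner_only(loose));
    printf("umask 077, mode 0600 -> %04o owner-only=%d\n",
           (unsigned)tight, is_owner_only(tight));
    printf("umask 077, mode 0666 -> %04o owner-only=%d\n",
           (unsigned)saved, is_owner_only(saved));
    return 0;
}
```

The final mode is the requested mode with the umask bits cleared, so a program that stores secrets should both request 0600 and avoid relying on whatever umask it inherited.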