Home :: International :: Manuals :: Howto :: FAQ :: Man Pages :: Email Login
 
 

 
Secure Programming for Linux and Unix HOWTO
PrevChapter 5. Validate All InputNext

5.1. Command line

Many programs take input from the command line. A setuid/setgid program's command line data is provided by an untrusted user, so a setuid/setgid program must defend itself from potentially hostile command line values. Attackers can send just about any kind of data through a command line (through calls such as the execve(3) call). Therefore, setuid/setgid programs must completely validate the command line inputs and must not trust the name of the program reported by command line argument zero (an attacker can set it to any value including NULL).

PrevHomeNext
Validate All InputUpEnvironment Variables
 
 
 
 
Google
  Web Linuxinfor   
 

Home :: Copyright :: Privacy :: Credits :: Get a free Linuxinfor Email Account

Document on this page is part of "Secure Programming for Linux and Unix HOWTO". See Index Page for more info about Authorship and Copyright.

1999-2008 Linuxinfor.com. No rights reserved.