Next Previous Contents

Secure Programming for Linux HOWTO

David A. Wheeler,

version 1.23, 5 January 2000

This paper provides a set of design and implementation guidelines for writing secure programs for Linux systems. Such programs include application programs used as viewers of remote data, CGI scripts, network servers, and setuid/setgid programs.

1. Introduction

2. Background

3. Summary of Linux Security Features

4. Validate All Input

5. Avoid Buffer Overflow

6. Structure Program Internals and Approach

7. Carefully Call Out to Other Resources

8. Send Information Back Judiciously

9. Special Topics

10. Conclusions

11. References

12. Document License

Next Previous Contents