Next Previous Contents

Secure Programming for Linux HOWTO

David A. Wheeler, dwheeler@dwheeler.com

version 1.30, 9 February 2000


This paper provides a set of design and implementation guidelines for writing secure programs for Linux systems. Such programs include application programs used as viewers of remote data, CGI scripts, network servers, and setuid/setgid programs.

1. Introduction

2. Background

3. Summary of Linux Security Features

4. Validate All Input

5. Avoid Buffer Overflow

6. Structure Program Internals and Approach

7. Carefully Call Out to Other Resources

8. Send Information Back Judiciously

9. Special Topics

10. Conclusions

11. References

12. Document License


Next Previous Contents