Thursday, July 28, 2005

If a program requires a superuser privileges to do some job, "It is always best to give up the extra privilege when it is no longer needed, just in case the program has a latent bug that someone could exploit".
Richard Stevenes, Unix N/W Prog. V1
see line 11 page 666:
setuid(getuid()); /* don't need special permissions any more */
// it drops superuser privileges that was previuosly given to a normal user to be able to create a raw socket


No comments:

Post a Comment