Outline for October 6, 2006

Reading: §13

  1. Greetings and felicitations!
    1. Puzzle of the day
  2. Common Implementation Vulnerabilities
    1. Race conditions (xterm flaw, signals)
    2. Environment variables (vi one-upsmanship)
    3. Not resetting privileges (Purdue Games incident)
  3. Principles of Secure Design
    1. Principle of Least Privilege
    2. Principle of Fail-Safe Defaults
    3. Principle of Economy of Mechanism
You can also obtain a PDF version of this. Version of October 8, 2006 at 8:40 PM