Outline for March 16, 1999
- Greetings and felicitations!
- Security in Programming
- Specification/Requirements
- Design
- Implementation
- Design: use MTA on UNIX
- Principle of Least Privilege
- Principle of Fail-Safe Defaults
- Principle of Economy of Mechanism
- Principle of Complete Mediation
- Principle of Open Design
- Principle of Separation of Privilege
- Principle of Least Common Mechanism
- Principle of Psychological Acceptability
- Implementation
- Object naming
- Process environment
- Process interaction
- Error and exception handling
- Object naming
- Trojan horses
- Race conditions (TOCTTOU)
- Process environment
- Privileges
- Environment variables
- System constraints (root directory, etc.)
- Process interaction
- IPC and pipes
- Use of the network
- Multithreading and synchronization (locking)
- Error and exception handling
- Assumptions
- Signals and race conditions
You can get this document in
ASCII text,
Framemaker+SGML version 5.5,
PDF (for Acrobat 3.0 or later),
or
Postscript.
Send email to
[email protected].
Department of Computer Science
University of California at Davis
Davis, CA 95616-8562
Page last modified on 3/17/99