...
Wiki Markup |
---|
\[[Dowd 06|AA. C References#Dowd 06]\] Chapter 9, "Unix I: Privileges and Files" \[[ISO/IEC PDTR 24772|AA. C References#ISO/IEC PDTR 24772]\] "XYO Privilege Sandbox Issues" \[[MITRE 07|AA. C References#MITRE 07]\] [CWE ID 273|http://cwe.mitre.org/data/definitions/273.html], "Failure to Check Whether Privileges Were Dropped Successfully" \[[Open Group 04|AA. C References#Open Group 04]\] [{{setuid()}}|http://www.opengroup.org/onlinepubs/009695399/functions/setuid.html], [{{getuid()}}|http://www.opengroup.org/onlinepubs/009695399/functions/getuid.html], [{{seteuid()}}|http://www.opengroup.org/onlinepubs/009695399/functions/seteuid.html] \[[Wheeler 03|AA. C References#Wheeler 03]\] [Section 7.4, "Minimize Privileges"|http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/minimize-privileges.html] |
...
50. POSIX (POS) 99. The Void MSC32-C. Ensure your random number generator is properly seeded