...
Detecting code that should be considered privileged or sensitive requires programmer assistance. Given identified privileged code as a starting point, automated tools could compute the closure of all code that can be invoked from that point. Such a tool could plausibly determine whether a body of signed code both includes that entire closure and also excludes all other code.
Related
...
Search for vulnerabilities resulting from the violation of this rule on the CERT website.
Related Guidelines
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="826ad89ca1718c3c-cc550840-4d4b43d7-8ac88db4-2f21c2396b81fc8c8d7db483"><ac:plain-text-body><![CDATA[ | [ISO/IEC TR 24772:2010 | http://www.aitcnet.org/isai/] | "Adherence to Least Privilege [XYN]" | ]]></ac:plain-text-body></ac:structured-macro> |
...
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="e41012e319600f6d-a84a5052-4bbf499e-b17682c7-8742c48e6d3b81bad755d354"><ac:plain-text-body><![CDATA[ | [[Dormann 2008 | AA. Bibliography#Dormann 08]] |
| ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="294f74760d14df2c-92fa2c56-454444ca-8e4eb655-89221d92fabfc8bfd6668803"><ac:plain-text-body><![CDATA[ | [[McGraw 1999 | AA. Bibliography#McGraw 99]] | Appendix C: Sign Only Privileged Code | ]]></ac:plain-text-body></ac:structured-macro> |
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="57e1f39f8b1c9df5-88454d4b-435f4d1b-8e4298ec-31d5aec5e014944cd8d73acb"><ac:plain-text-body><![CDATA[ | [[Schneier 2000 | AA. Bibliography#Schneier 00]] |
| ]]></ac:plain-text-body></ac:structured-macro> |
...