Chapter 10: Security

Much of the power of a GNU/Linux system comes from its support for multiple users and for networking. Many people can use the system at once, and they can connect to the system from remote locations. Unfortunately, with this power comes risk, especially for systems connected to the Internet. Under some circumstances, a remote "hacker" can connect to the system and read, modify, or remove files that are stored on the machine. Or, two users on the same machine can read, modify, or remove each other's files when they should not be allowed to do so. When this happens, the system's security is said to have been compromised.

The Linux kernel provides a variety of facilities to ensure that these events do not take place. But to avoid security breaches, ordinary applications must be careful as well. For example, imagine that you are developing accounting software. Although you might want all users to be able to file expense reports with the system, you wouldn't want all users to be able to approve those reports. You might want users to be able to view their own payroll information, but you certainly wouldn't want them to be able to view everyone else's payroll information. You might want managers to be able to view the salaries of employees in their departments, but you wouldn't want them to view the salaries of employees in other departments.

To enforce these kinds of controls, you have to be very careful. It's amazingly easy to make a mistake that allows users to do something you didn't intend them to be able to do. The best approach is to enlist the help of security experts. Still, every application developer ought to understand the basics.

...

Download PDF.