Next: Sticky Bits
Up: Secure Programming
Previous: File System Permissions
- Here's a first example of where security gets very tricky. You might think that if you disallow execution of a program, then nobody can run it. After all, that's what it means to disallow execution.
- But a malicious user can make a copy of the program, change the permissions to make it executable, and then run the copy! If you rely on users not being able to run programs that aren't executable but then don't prevent them from copying the programs, you have a security hole means by which users can perform some action that you didn't intend.
Subsections
Cem Ozdogan
2007-05-07