Computer Security Art and Science, 2nd Edition

Appendix H

Programming Rules

This chapter lists the programming implementation and management rules in Chapter 31.

H.1 Implementation Rules

Implementation Rule 31.1. Structure the process so that all sections requiring extra privileges are modules. The modules should be as small as possible and should perform only those tasks that require those privileges.

Implementation Rule 31.2. Ensure that any assumptions in the program are validated. If this is not possible, document them for the installers and maintainers, so they know the assumptions that attackers will try to invalidate.

Implementation Rule 31.3. Ensure that the program does not share objects in memory with any other program, and that other programs cannot access the memory of a privileged ...

Get Computer Security Art and Science, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Computer Security Art and Science, 2nd Edition by Matt Bishop

Appendix H

Programming Rules

H.1 Implementation Rules

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly