book

Linux Application Development, Second Edition

by Michael K. Johnson, Erik W. Troan

November 2004

Intermediate to advanced

736 pages

14h 4m

English

Addison-Wesley Professional

Read now

Unlock full access

Copyright
Dedication
List of Tables
Code Examples
Preface
Second EditionAcknowledgments
1. Getting Started
1. History of Linux Development
1.1. A Short History of Free Unix Software1.2. Development of Linux1.3. Notional Lineage of Unix Systems1.4. Linux Lineage
2. Licenses and Copyright
2.1. Copyright2.2. Licensing2.3. Free Software Licenses2.3.1. The GNU General Public License2.3.2. The GNU Library General Public License2.3.3. MIT/X/BSD-Style Licenses2.3.4. Old BSD-Style Licenses2.3.5. Artistic License2.3.6. License Incompatibilities
3. Online System Documentation
3.1. The man Pages3.2. The Info Pages3.3. Other Documentation
2. Development Tools and Environment
4. Development Tools
4.1. Editors4.1.1. Emacs4.1.2. vi4.2. Make4.2.1. Complex Command Lines4.2.2. Variables4.2.3. Suffix Rules4.3. The GNU Debugger4.4. Tracing Program Actions

5. gcc Options and Extensions
5.1. gcc Options5.2. Header Files5.2.1. long long5.2.2. Inline Functions5.2.3. Alternative Extended Keywords5.2.4. Attributes
6. The GNU C Library
6.1. Feature Selection6.2. POSIX Interfaces6.2.1. POSIX Required Types6.2.2. Discovering Run-Time Capabilities6.2.3. Finding and Setting Basic System Information6.3. Compatibility
7. Memory Debugging Tools
7.1. Buggy Code7.2. Memory-Checking Tools Included in glibc7.2.1. Finding Memory Heap Corruption7.2.2. Using mtrace() to Track Allocations7.3. Finding Memory Leaks with mpr7.4. Investigating Memory Errors with Valgrind7.5. Electric Fence7.5.1. Using Electric Fence7.5.2. Memory Alignment7.5.3. Other Features7.5.4. Limitations7.5.5. Resource Consumption
8. Creating and Using Libraries
8.1. Static Libraries8.2. Shared Libraries8.3. Designing Shared Libraries8.3.1. Managing Compatibility8.3.2. Incompatible Libraries8.3.3. Designing Compatible Libraries8.4. Building Shared Libraries8.5. Installing Shared Libraries8.5.1. Example8.6. Using Shared Libraries8.6.1. Using Noninstalled Libraries8.6.2. Preloading Libraries
9. Linux System Environment
9.1. The Process Environment9.2. Understanding System Calls9.2.1. System Call Limitations9.2.2. System Call Return Codes9.2.3. Using System Calls9.2.4. Common Error Return Codes9.3. Finding Header and Library Files
3. System Programming
10. The Process Model
10.1. Defining a Process10.1.1. Complicating Things with Threads10.1.2. The Linux Approach10.2. Process Attributes10.2.1. The pid and Parentage10.2.2. Credentials10.2.3. The filesystem uid10.2.4. User and Group ID Summary10.3. Process Information10.3.1. Program Arguments10.3.2. Resource Usage10.3.3. Establishing Usage Limits10.4. Process Primitives10.4.1. Having Children10.4.2. Watching Your Children Die10.4.3. Running New Programs10.4.4. Faster Process Creation with vfork()10.4.5. Killing Yourself10.4.6. Killing Others10.4.7. Dumping Core10.5. Simple Children10.5.1. Running and Waiting with system()10.5.2. Reading or Writing from a Process10.6. Sessions and Process Groups10.6.1. Sessions10.6.2. Controlling Terminal10.6.3. Process Groups10.6.4. Orphaned Process Groups10.7. Introduction to ladsh10.7.1. Running External Programs with ladsh10.8. Creating Clones
11. Simple File Handling
11.1. The File Mode11.1.1. File Access Permissions11.1.2. File Permission Modifiers11.1.3. File Types11.1.4. The Process’s umask11.2. Basic File Operations11.2.1. File Descriptors11.2.2. Closing Files11.2.3. Opening Files in the File System11.2.4. Reading, Writing, and Moving Around11.2.5. Partial Reads and Writes11.2.6. Shortening Files11.2.7. Synchronizing Files11.2.8. Other Operations11.3. Querying and Changing Inode Information11.3.1. Finding Inode Information11.3.2. A Simple Example of stat()11.3.3. Easily Determining Access Rights11.3.4. Changing a File’s Access Permissions11.3.5. Changing a File’s Owner and Group11.3.6. Changing a File’s Timestamps11.3.7. Ext3 Extended Attributes11.4. Manipulating Directory Entries11.4.1. Creating Device and Named Pipe Entries11.4.2. Creating Hard Links11.4.3. Using Symbolic Links11.4.4. Removing Files11.4.5. Renaming Files11.5. Manipulating File Descriptors11.5.1. Changing the Access Mode for an Open File11.5.2. Modifiying the close-on-exec Flag11.5.3. Duplicating File Descriptors11.6. Creating Unnamed Pipes11.7. Adding Redirection to ladsh11.7.1. The Data Structures11.7.2. Changing the Code
12. Signal Processing
12.1. Signal Concepts12.1.1. Life Cycle of a Signal12.1.2. Simple Signals12.1.3. Reliable Signals12.1.4. Signals and System Calls12.2. The Linux (and POSIX) Signal API12.2.1. Sending Signals12.2.2. Using sigset_t12.2.3. Catching Signals12.2.4. Manipulating a Process’s Signal Mask12.2.5. Finding the Set of Pending Signals12.2.6. Waiting for Signals12.3. Available Signals12.3.1. Describing Signals12.4. Writing Signal Handlers12.5. Reopening Log Files12.6. Real-Time Signals12.6.1. Signal Queueing and Ordering12.7. Learning About a Signal12.7.1. Getting a Signal’s Context12.7.2. Sending Data with a Signal
13. Advanced File Handling
13.1. Input and Output Multiplexing13.1.1. Nonblocking I/O13.1.2. Multiplexing with poll()13.1.3. Multiplexing with select()13.1.4. Comparing poll() and select()13.1.5. Multiplexing with epoll13.1.6. Comparing poll() and epoll13.2. Memory Mapping13.2.1. Page Alignment13.2.2. Establishing Memory Mappings13.2.3. Unmapping Regions13.2.4. Syncing Memory Regions to Disk13.2.5. Locking Memory Regions13.3. File Locking13.3.1. Lock Files13.3.2. Record Locking13.3.3. Mandatory Locks13.3.4. Leasing a File13.4. Alternatives to read() and write()13.4.1. Scatter/Gather Reads and Writes13.4.2. Ignoring the File Pointer
14. Directory Operations
14.1. The Current Working Directory14.1.1. Finding the Current Working Directory14.1.2. The . and .. Special Files14.1.3. Changing the Current Directory14.2. Changing the Root Directory14.3. Creating and Removing Directories14.3.1. Creating New Directories14.3.2. Removing Directories14.4. Reading a Directory’s Contents14.4.1. Starting Over14.5. File Name Globbing14.5.1. Use a Subprocess14.5.2. Internal Globbing14.6. Adding Directories and Globbing to ladsh14.6.1. Adding cd and pwd14.6.2. Adding File Name Globbing14.7. Walking File System Trees14.7.1. Using ftw()14.7.2. File Tree Walks with nftw()14.7.3. Implementing find14.8. Directory Change Notification
15. Job Control
15.1. Job Control Basics15.1.1. Restarting Processes15.1.2. Stopping Processes15.1.3. Handling Job Control Signals15.2. Job Control in ladsh
16. Terminals and Pseudo Terminals
16.1. tty Operations16.1.1. Terminal Utility Functions16.1.2. Controlling Terminals16.1.3. Terminal Ownership16.1.4. Recording with utempter16.1.5. Recording by Hand16.2. termios Overview16.3. termios Examples16.3.1. Passwords16.3.2. Serial Communications16.4. termios Debugging16.5. termios Reference16.5.1. Functions16.5.2. Window Sizes16.5.3. Flags16.5.4. Input Flags16.5.5. Output Flags16.5.6. Control Flags16.5.7. Control Characters16.5.8. Local Flags16.5.9. Controlling read()16.6. Pseudo ttys16.6.1. Opening Pseudo ttys16.6.2. Opening Pseudo ttys the Easy Ways16.6.3. Opening Pseudo ttys the Hard Ways16.6.4. Pseudo tty Examples
17. Networking with Sockets
17.1. Protocol Support17.1.1. Nice Networking17.1.2. Real Networking17.1.3. Making Reality Play Nice17.1.4. Addresses17.2. Utility Functions17.3. Basic Socket Operations17.3.1. Creating a Socket17.3.2. Establishing Connections17.3.3. Binding an Address to a Socket17.3.4. Waiting for Connections17.3.5. Connecting to a Server17.3.6. Finding Connection Addresses17.4. Unix Domain Sockets17.4.1. Unix Domain Addresses17.4.2. Waiting for a Connection17.4.3. Connecting to a Server17.4.4. Running the Unix Domain Examples17.4.5. Unnamed Unix Domain Sockets17.4.6. Passing File Descriptors17.5. Networking Machines with TCP/IP17.5.1. Byte Ordering17.5.2. IPv4 Addressing17.5.3. IPv6 Addressing17.5.4. Manipulating IP Addresses17.5.5. Turning Names into Addresses17.5.6. Turning Addresses into Names17.5.7. Listening for TCP Connections17.5.8. TCP Client Applications17.6. Using UDP Datagrams17.6.1. Creating a UDP Socket17.6.2. Sending and Receiving Datagrams17.6.3. A Simple tftp Server17.7. Socket Errors17.8. Legacy Networking Functions17.8.1. IPv4 Address Manipulation17.8.2. Hostname Resolution17.8.3. Legacy Host Information Lookup Example17.8.4. Looking Up Port Numbers
18. Time
18.1. Telling Time and Dates18.1.1. Representing Time18.1.2. Converting, Formatting, and Parsing Times18.1.3. The Limits of Time18.2. Using Timers18.2.1. Sleeping18.2.2. Interval Timers
19. Random Numbers
19.1. Pseudo-Random Numbers19.2. Cryptography and Random Numbers
20. Programming Virtual Consoles
20.1. Getting Started20.2. Beeping20.3. Determining Whether the Terminal Is a VC20.4. Finding the Current VC20.5. Managing VC Switching20.6. Example: The open Command
21. The Linux Console
21.1. Capability Databases21.2. Glyphs, Characters, and Maps21.3. Linux Console Capabilities21.3.1. Control Characters21.3.2. Escape Sequences21.3.3. Testing Sequences21.3.4. Complex Escape Sequences21.4. Direct Screen Writing
22. Writing Secure Programs
22.1. When Security Matters22.1.1. When Security Fails22.2. Minimizing the Opportunity for Attack22.2.1. Giving Up Permissions22.2.2. Getting a Helping Hand22.2.3. Restricting File System Access22.3. Common Security Holes22.3.1. Buffer Overflows22.3.2. Parsing Filenames22.3.3. Environment Variables22.3.4. Running the Shell22.3.5. Creating Temporary Files22.3.6. Race Conditions and Signal Handlers22.3.7. Closing File Descriptors22.4. Running as a Daemon
4. Development Libraries
23. String Matching
23.1. Globbing Arbitrary Strings23.2. Regular Expressions23.2.1. Linux Regular Expressions23.2.2. Regular Expression Matching23.2.3. A Simple grep
24. Terminal Handling with S-Lang
24.1. Input Handling24.1.1. Initializing S-Lang Input Handling24.1.2. Restoring the Terminal State24.1.3. Reading Characters from the Terminal24.1.4. Checking for Pending Input24.2. Output Handling24.2.1. Initializing Screen Management24.2.2. Updating the Display24.2.3. Moving the Cursor24.2.4. Finishing Screen Management24.2.5. Skeleton Screen Management24.2.6. Switching Character Sets24.2.7. Writing to the Screen24.2.8. Drawing Lines and Boxes24.2.9. Using Color
25. A Hashed Database Library
25.1. Overview25.2. Basic Operations25.2.1. Opening a qdbm File25.2.2. Closing a Database25.2.3. Obtaining the File Descriptor25.2.4. Syncing the Database25.3. Reading Records25.3.1. Reading a Particular Record25.3.2. Reading Records Sequentially25.4. Modifying the Database25.4.1. Adding Records25.4.2. Removing Records25.5. Example
26. Parsing Command-Line Options
26.1. The Option Table26.1.1. Defining the Options26.1.2. Nesting Option Tables26.2. Using the Option Table26.2.1. Creating a Context26.2.2. Parsing the Command Line26.2.3. Leftover Arguments26.2.4. Automatic Help Messages26.3. Using Callbacks26.4. Error Handling26.5. Option Aliasing26.5.1. Specifying Aliases26.5.2. Enabling Aliases26.6. Parsing Argument Strings26.7. Handling Extra Arguments26.8. Sample Application
27. Dynamic Loading at Run Time
27.1. The dl Interface27.1.1. Example
28. User Identification and Authentication
28.1. ID-to-Name Translation28.1.1. Example: The id Command28.2. Pluggable Authentication Modules28.2.1. PAM Conversations28.2.2. PAM Actions
Appendices
A. Header Files
B. ladsh Source Code
Glossary
Bibliography

Content preview from Linux Application Development, Second Edition

Chapter 22. Writing Secure Programs

The vast majority of computers running Linux are connected to the Internet, and many of them are used by multiple people. Keeping a computer and its software secure from anonymous threats that arrive over its network connection, as well as from local users who are trying to gain unauthorized levels of access, requires careful programming in both the core operating system and many of its applications.

This chapter gives an overview of some of the things to think about when you are writing C programs that need to be secure. We discuss what types of programs need to think carefully about their security and how to minimize the risks, and mention some of the most common security pitfalls. This is meant to be an introduction ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Linux Device Driver Development - Second Edition

Publisher Resources

ISBN: 0321219147Purchase book

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Linux Application Development, Second Edition

by Michael K. Johnson, Erik W. Troan

Chapter 22. Writing Secure Programs

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.