Only Grant Necessary Privileges

It is often convenient during development to remove all potential restrictions that might hinder your progress in any way. The classic example of this is in CGI programming, whereby the Web server must have execute privileges on the CGI script in order to run it. Insufficient privileges will result in an error, so a common method used to rule out privilege problems when debugging a script was to grant read, write, and execute privileges to everyone (chmod 777 on Unix), removing all access restrictions. Quite often, these permissions would remain, and thus unnecessary privileges would be left intact, creating a security hole. The approach taken was to get the application working and then consider the job complete. ...
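The permission mistake described above, as an added example that is not code from the HTTP Developer's Handbook: a small POSIX sh script that finds the `chmod 777` leftovers in a CGI directory and applies the narrower modes the server actually needs. The function names and the `/var/www/cgi-bin` path are assumptions.

```shell
#!/bin/sh
# Added example, not from the book: audit a cgi-bin directory for files left
# world-writable during debugging and replace them with least-privilege modes.
# Assumes only POSIX sh, find(1) and chmod(1); paths and names are examples.

# List every regular file under DIR that is world-writable (mode bit 002),
# i.e. a file any local user could edit and then have the web server execute.
# Returns 0 when the directory is clean, 1 when at least one such file exists.
audit_cgi_dir() {
    dir=$1
    found=$(find "$dir" -type f -perm -002 -print)
    if [ -n "$found" ]; then
        printf 'world-writable file(s) in %s:\n%s\n' "$dir" "$found"
        return 1
    fi
    return 0
}

# Give one CGI script only what the server needs: the owner keeps rwx so the
# developer can still edit it; group and others get read (the interpreter must
# read the script) and execute (the server must run it), but never write.
# Use u=rwx,g=rx,o= with a group the server user belongs to if other local
# users should not be able to read the script at all.
harden_cgi_script() {
    chmod u=rwx,go=rx "$1"
}

# Strip group/other write from every world-writable file in DIR without
# granting execute to data files, then re-run the audit.
harden_cgi_dir() {
    dir=$1
    find "$dir" -type f -perm -002 -exec chmod go-w {} +
    audit_cgi_dir "$dir"
}

# Usage: sh cgi-perms.sh /var/www/cgi-bin   (assumed example path)
if [ $# -gt 0 ]; then
    audit_cgi_dir "$1" || harden_cgi_dir "$1"
fi
```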

Get HTTP Developer’s Handbook now with the O’Reilly learning platform.