O'Reilly logo

The Old New Thing: Practical Development Throughout the Evolution of Windows by Raymond Chen

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter Seventeen. Security

IF I HAD a nickel each time somebody asked for a feature that was a security hole ...

I’d have a lot of nickels.

We begin this chapter by looking at features that are actually security holes and then move on to other security-related matters.

World-writable files

“I WANT A file that all users can write to. My program will use it as a common database of goodies.”

This is a security hole. For a start, there’s an obvious denial-of-service attack by having a user open the file in exclusive mode and never letting go. There’s also a data-tampering attack, where the user opens the file and writes zeros all over it or merely alters the data in subtle ways. Your music index suddenly lost all its Britney Spears songs. (Then ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required