Article:
  Apache Web Serving with Jaguar, Part 3
Subject:   My doubts of validation issues in the book
Date:   2004-01-15 03:56:15
From:   anonymous2
Dear colleagues,

I have some doubts I want to discuss with you all. When information is received from an untrusted source it must be validated prior to processing it. In the case of the aforementioned talkd hole, the daemon should have made sure the path to the terminal file was indeed correct. This could have been done by simply checking the password database, making sure the ownership matched, and that the terminal path did indeed point to a terminal. Later in the FAQ, the concept of the least privilege principle is explained, and it would have worked wonders with the aforementioned security hole.
Many Thanks

Tarik
Computer Science Dep.
Tanzania University
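The three checks named in the comment above (password database, ownership, "is it really a terminal"), sketched in C as an added example that is not part of the original post or of any talkd source. The function name `open_user_tty` and the `TTY_E*` codes are hypothetical, and restricting paths to `/dev/` is an assumption.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical error codes for this example. */
enum { TTY_EPATH = -1, TTY_ENOUSER = -2, TTY_EOPEN = -3,
       TTY_ENOTTY = -4, TTY_EOWNER = -5 };

/* Returns a write-only fd for the user's terminal, or a negative TTY_E* code. */
int open_user_tty(const char *user, const char *tty_path)
{
    /* 1. Only paths under /dev/ (assumed policy); any ".." is refused outright. */
    if (strncmp(tty_path, "/dev/", 5) != 0 || strstr(tty_path, "..") != NULL)
        return TTY_EPATH;
    /* 2. The claimed user must exist in the password database. */
    struct passwd *pw = getpwnam(user);
    if (pw == NULL)
        return TTY_ENOUSER;
    /* 3. Open without following a final symlink or taking a controlling tty. */
    int fd = open(tty_path, O_WRONLY | O_NOFOLLOW | O_NOCTTY | O_NONBLOCK);
    if (fd < 0)
        return TTY_EOPEN;
    /* 4. Inspect the opened object (fstat on the fd), not the path again. */
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISCHR(st.st_mode) || !isatty(fd)) {
        close(fd);
        return TTY_ENOTTY;
    }
    /* 5. The terminal must be owned by the user found in step 2. */
    if (st.st_uid != pw->pw_uid) {
        close(fd);
        return TTY_EOWNER;
    }
    return fd;
}

int main(int argc, char **argv)
{
    if (argc != 3) { fprintf(stderr, "usage: %s user tty-path\n", argv[0]); return 2; }
    int fd = open_user_tty(argv[1], argv[2]);
    printf("%s (%d)\n", fd >= 0 ? "accepted" : "rejected", fd);
    if (fd >= 0) close(fd);
    return fd >= 0 ? 0 : 1;
}
```

Checking with `fstat` on the descriptor rather than `stat` on the path means the object that was validated is the same one that later gets written to.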