System Administration Guide
Chapter 5, Maintaining system security

Understanding how trusted features affect programs

Understanding how trusted features affect programs

This section discusses features that affect system system programs (including daemons), and lists examples of procedural and programming changes that must be made to add and run new daemons properly on a trusted system. These will ensure that the daemons are started with proper identity and privilege, encounter no surprises if the system acts differently due to security features, and handle boundary conditions and failure cases properly.

You must carefully consider how each daemon program can run with proper behavior and safety. You should carefully test the daemon in a controlled environment and observe that it acts properly before opening it up for general use. This leads to fewer security problems introduced into your system, and fewer surprises when users attempt to use the daemon and receive unexpected results.

These features are discussed: