Rules for Safe SUID Programming

1. Do not use SUID shell scripts.
2. Never, ever, under any circumstances, use SUID C-shell scripts.
3. Always manually set your IFS.
4. Always manually set your PATH and use absolute path names.
5. Understand how the programs you call work, and how they handle arguments.
6. Do not use temporary files. If you must, don't put them in a publicly writable area.
7. Distrust and check all user input and eliminate dangers such as meta-characters.
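A small C helper that applies rules 1, 3, 4, 5 and 7 together, as an added example that is not part of the original rules. The target program `/usr/bin/wc`, the 64-byte limit and the names `is_safe_arg` and `safe_env` are assumptions chosen for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Assumption: the helper runs one fixed program, named by absolute path. */
#define TOOL "/usr/bin/wc"
#define MAX_ARG 64

/* Rules 3 and 4: the child gets this fixed environment, never the caller's. */
static char *const safe_env[] = {
    "PATH=/usr/bin:/bin",
    "IFS= \t\n",
    NULL
};

/* Rule 7: allowlist check. Only [A-Za-z0-9._-] passes, which excludes shell
 * meta-characters, '/', and whitespace. Rule 5: a leading '-' is rejected so
 * the value cannot be read as an option; a leading '.' rules out "..". */
int is_safe_arg(const char *s)
{
    size_t i, n;
    if (s == NULL)
        return 0;
    n = strlen(s);
    if (n == 0 || n > MAX_ARG || s[0] == '-' || s[0] == '.')
        return 0;
    for (i = 0; i < n; i++) {
        char c = s[i];
        int ok = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') ||
                 (c >= '0' && c <= '9') || c == '.' || c == '_' || c == '-';
        if (!ok)
            return 0;
    }
    return 1;
}

int main(int argc, char **argv)
{
    if (argc != 2 || !is_safe_arg(argv[1])) {
        fprintf(stderr, "usage: helper NAME\n");
        return 2;
    }
    /* Rules 1 and 4: no shell and no PATH search; execve takes the absolute
     * path, and "--" ends option parsing in the called program. */
    char *const args[] = { "wc", "--", argv[1], NULL };
    execve(TOOL, args, safe_env);
    perror("execve");
    return 1;
}
```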