Updating existing programs

Edit online

Existing privileged or trusted programs generally function correctly on a trusted system without change.

However, certain changes can be made to enhance the level of trust and/or upward compatibility of these programs. Many of the recommendations for creating new programs also apply to updating existing programs. The following recommendations particularly apply:

  • Programs that test to determine whether they are privileged processes (that is, whether the effective user ID is 0) should be modified in accordance with the guidelines in Direct Privilege Checking
  • Code that manipulates the standard UNIX system permission bits (the mode bits) should be changed to reflect the possible existence of ACLs
  • Code that used to run as setuid-to-root should be examined for the use of privileges and should have the appropriate privileges assigned