1. Operate with least privilege Hold privileges only while they're required. Drop privileges permanently when they'll never be used again. A privileged program should never exec a shell unless the environment can silently ignore set-user-ID and set-group-ID permissions. Close all unnecessary file descriptors before an exec. 2. Avoid exposing sensitive information Use mlock to lock access to the virtual memory page in use. Prevent core dumps by using setrlimit. 3. Confine the process Use capabilities and securebit flags whenever possible. Establish a chroot jail to limit the set of directories and files that a program may access. Use a virtual server: UML, Xen, KVM, etc. 4. Beware of signals and race conditions Signals should be caught, blocked, or ignored to prevent possible security problems. 5. Pitfalls of file operations and file I/O Umask should be set to a value that ensures the process never creates publicly writable files. Use seteuid and setre
https://www.davidbrennerjr.com
https://1dbjr.blogspot.com
https://github.com/davidbrennerjr