Obviously, OS-based file permissions are beyond the control of the programmer. However, it is encumbent upon the developer to open each file with the permissions needed and to close it as soon after using it as practicable. While this security policy must obviously be weighed against runtime efficiency, the best way to do this is to cluster one's file access as much as possible -- using periodic caching of small files or snippets of larger files in RAM as necessary.
Programming Secure Web Applications in Python
By Al Lukaszewski, About.com
Prev
- What is Secure Programming?
- Validate Input to Avoid Injections
- Broken Access Controls
- Broken Authentication and Session Management
- Cross Site Scripting (XSS)
- Proper Error Handling
- Insecure Storage
- Denial of Service
- Configuration Management
- Buffer Overflows
Explore Python
Must Reads
More from About.com
New Year, New You
Take action today to accomplish your biggest goals with these motivating ideas.
Best Moves in a Bad Economy
Stay on top in this tough economy with our smart, easy-to-follow financial tips.
©2009 About.com, a part of The New York Times Company.
All rights reserved.