<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<HTML>
<HEAD>
 <META NAME="GENERATOR" CONTENT="SGML-Tools 1.0.9">
 <TITLE>Secure Programming for Linux HOWTO: 入力されるものすべてを検証すること</TITLE>
 <LINK HREF="Secure-Programs-HOWTO-5.html" REL=next>
 <LINK HREF="Secure-Programs-HOWTO-3.html" REL=previous>
 <LINK HREF="Secure-Programs-HOWTO.html#toc4" REL=contents>
</HEAD>
<BODY>
<A HREF="Secure-Programs-HOWTO-5.html">次のページ</A>
<A HREF="Secure-Programs-HOWTO-3.html">前のページ</A>
<A HREF="Secure-Programs-HOWTO.html#toc4">目次へ</A>
<HR>
<H2><A NAME="s4">4. 入力されるものすべてを検証すること</A></H2>

<P>入力には、信頼できないユーザからのものもあります。そこで、使用する前にそれら
を検査(選別)する必要があります。
まず何が正しいかを定義して、その定義にマッチしないものすべてを拒否するように
しなければいけません。
その逆の定義のしかたをしてはいけません(何が不正かを定義し、それらを拒否する)。
なぜなら、重要なケースの定義をうっかり忘れてしまうかもしれないから
です。
文字列長の最大値を制限してください(必要があるなら最小値も)。そして、長さを
超えてしまった場合でもシステムが暴走しないことを確かめてください
(下記のバッファオーバーフローのセクションでもう少し詳しく述べますので、
見てください)。
<P>文字列の場合は、そのシステムにとって正しいキャラクタと正しいパターン(たと
えば正規表現など) を明らかにしておき、その形式に合わないものすべてを拒否
するようにしてください。
文字列にコントロールキャラクタ(特に改行や NIL)やシェルのメタキャラクタが
含まれている場合、普通の文字列では起こり得ない問題が生じます。問題を避ける
ために、そのようなメタキャラクタが入力されたらすぐに「エスケープ」して、
間違ってプログラムに送られることがないようにするのが一番です。
CERT はこの考え方をさらに推し進めて、エスケープする必要がないキャラクタの
一覧に載っていないものすべてをエスケープすることを推奨しています
[CERT 1998, CMU 1998]。
詳細については、下記の「正しい値でだけ呼び出すこと」を参照してください。
<P>数字すべてに対して、許容できる最小値(たいていはゼロ)と最大値を設けましょう。
ファイル名はチェックしなければいけません。一般的に「..」(上位ディレクトリ)を
正しい値と見なしてはいけません。
ファイル名を表わす場合には、ディレクトリの変更となる動作をどんな場合でも禁止
することが一番です。たとえば、「/」を正しいキャラクタの仲間に入れてはいけま
せん。
電子メールのアドレスを完全にチェックすることは、現実的にとても困難です。
というのも、すべてのケースを真面目にサポートしようとすると、アドレスの中には
正しい形式ではあるものの、非常に複雑な検証を必要とするものが存在するからです。
もしそのようなチェックが必要なら、詳細は mailaddr(7)と IETF RFC 822 [RFC 822] 
を見てください。
<P><B>$BLuCp!'(B</B> IETF$B$O!"(BInternet Engineering Task Force $B$NN,>N$G!"%$%s%?!<(B
$B%M%C%H$K4XO"$9$k5;=Q$NI8=`2=$r?J$a$k$?$a$K@_N)$5$l$?CDBN$G$9!#$3$3$,H/9T(B
$B$9$kJ8=q$,(B RFC(Requests For Comment)$B$G$9!#(B
<P>これらのテストは 1 箇所で集中して行なうようにしてください。そうすれば後で
このテストに間違いがないかの調査を簡単に済ませられます。
<P>正しい入力をチェックするテストが、本当に予定した通りに動作するかを確認して
ください。
別のプログラムが使う入力(ファイル名や電子メールアドレス、URL 等)をチェック
する場合には特に重要です。
これらのプログラムは、見落としがちな間違いを抱えていることが多く、
いわゆる「代理人問題」(データを実際に使用するプログラムとチェックするプロ
グラムの前提条件が異なっているケース)です。
<P>下記のサブセクションでは、プログラムに対する様々な入力について論じます。
この入力には環境変数や umask 値など、プロセスが持っている状態も含む点に
注意してください。
必ずしもすべての入力が信頼できないユーザによって行なわれているわけでは
ありません。注意する必要があるのは信頼できないユーザからの入力だけです。
<P>
<H2><A NAME="ss4.1">4.1 コマンドライン</A>
</H2>

<P>プログラムの中には、入力のインターフェースとして、コマンドラインを使用する
ものが多数あります。この場合、引数を渡すことによって入力とします。
setuid/setgid されたプログラムは、信頼できないユーザからコマンドラインに
よる入力を受け取る場合があるので、そのプログラム自身で対処する必要があります。
一般的にユーザは、コマンドラインを自由に扱えます(execve(3)のようなシステム
コールを使って)。
したがって、setuid/setgid されたプログラムは、コマンドラインからの入力を検査
する必要があり、コマンドラインの引数 0 番に当たるプログラム名を信用しては
いけません(ユーザは NULL を含むどんな値も設定できるからです)。 
<P>
<H2><A NAME="ss4.2">4.2 環境変数</A>
</H2>

<P>環境変数は、デフォルトでは親プロセスから継承されます。
しかしあるプログラムから他のプログラムを実行(exec)した場合、環境変数に
任意の値を設定できます。
setuid/setgid されたプログラムでは、これは危険をともないます。というのも
プログラムを呼び出すことで環境変数のコントロールが可能になり、環境変数を
他のプログラムに渡せてしまうからです。
普通、環境変数は継承されてしまうため、この危険性も同時に引き継がれてしまい
ます。
<P>環境変数は、同じフィールドに複数の値を設定できる形式で記憶されています
(たとえば SHELL 変数には、2 つの値を設定できる)。
コマンドシェルの代表的なものは、この設定ができないようになっていますが、
クラッカーは、そのような状況を作り上げられます。つまりこのケースならば、
プログラムで 1 つの値はチェックしますが、実際は別の値を使用してしまう
ことが考えられます。
さらに悪いことに、ライブラリやプログラムはたいていの場合環境変数によって
制御されているものの、その方法があいまいだったり、わかりにくかったり、
中にはドキュメント化されていないものがあったりします。
たとえば、IFS 変数は <I>sh</I> や <I>bash</I> でコマンドラインの引数を
分割するのに使用されるキャラクタを指定するために利用されています。
シェルは低レベルのシステムコールを利用して呼び出されるため、IFS 変数に
異常な値を設定すると、一見安全と思われるシステムコールを危険なものに
変えてしまう恐れがあります。
<P>
<P>setuid/setgid されたプログラムを安全にするには、環境変数の中から入力(もし
あれば)に必要とされるものを注意を払って選び出し、短いリストを作る必要が
あります。
そして環境変数全体を表す大域変数である <I>environ</I> に NULL を設定して、
環境変数全体を削除し、その後に必要となる最小限の安全な値を再設定してください
(ユーザの設定値は使用「しない」こと)。
環境変数には、PATH(プログラムのありかを検索するディレクトリのリストです。
これにカレント・ディレクトリを入れては「いけません」)、IFS(デフォルトでは
「\t\n」です)、TZ(タイムゾーン)があります。
<P>
<H2><A NAME="ss4.3">4.3 ファイル・ディスクリプタ</A>
</H2>

<P>プログラムには「オープンしたファイル・ディスクリプタ」、つまりあらかじめ
オープンされているファイルが渡ります。
setuid/setgid されたプログラムでは、ユーザがあるファイルをオープンして、
それを利用できてしまう(パーミッションの制限内で)ということを気にする必要が
あります。
setuid/setgid されたプログラムでは、新しくオープンしたファイルが常に固定した
ファイル・ディスクリプタ ID に割り当てられていると想定してはいけません。
また端末が標準入力、標準出力、標準エラー先になっていること、また端末が
すでにオープンされていることも前提にしてはいけません。
<P>
<H2><A NAME="ss4.4">4.4 ファイルの内容</A>
</H2>

<P>あるファイルの内容によって、プログラムの動作が左右される場合、信頼できる
ユーザだけがその内容を変更できるのでなければ、そのファイルを信用してはいけ
ません。
つまり、信頼できないユーザが、ファイルやそのファイルがあるディレクトリ、
その親ディレクトリを修正できてはいけません。
そうでなければ、そのファイルを信頼するに値しないものとして扱わなければ
なりません。
<P>
<H2><A NAME="ss4.5">4.5 CGI からの入力</A>
</H2>

<P>CGI からの入力は、実際のところ環境変数や標準入力として扱われます。
したがってこれらも検証しなければなりません。
<P>CGI からの入力の多くが、いわゆる「URL エンコードされた」形式になっている
点が検証をより厄介にしています。つまり 16 進数の HH というバイト値を表す
には %HH という形式をとります。
CGI や CGI ライブラリは、これらの入力を適切にデコードして、バイト値が正しい
かどうかをチェックする必要があります。
%00 (NIL) や %0A (改行)のような疑わしい値を含むすべての入力を間違いなく処理
しなければいけません。
入力のデコードは 1 回だけにしてください。でないと、「%2500」のような入力が
誤って処理されてしまいます(まず %25 が「%」に変換され、その結果「%00」が
間違って NIL キャラクタに変換されてしまいます)。
<P>入力に特殊なキャラクタを混ぜることで、CGI スクリプトを攻撃するケースがまま
見られます。上記の解説を見てください。
<P>HTML のフォームには、クライアント側でチェックをすることで不正な値を排除する
ものもあります。
これはユーザにとっては有益かもしれませんが、セキュリティ上は無意味です。
というのも、攻撃者はそのような「不正」な値を直接 Web サーバーに送り付けられる
からです。
後で(「信頼できる経路だけ信じること」のセクション)説明しますが、サーバーは
自分が受け取るすべての入力をチェックする必要があります。
<P>
<H2><A NAME="ss4.6">4.6 その他の入力</A>
</H2>

<P>プログラムは、入力のすべてをコントロールすることが必須です。
しかし setuid/setgid されたプログラムでは困難を極めます。理由は、そのような
入力があまりに多いからです。
一方、入力プログラムでは下記の点を考慮する必要があります。
<UL>
<LI>カレントディレクトリ</LI>
<LI>シグナル</LI>
<LI>メモリー・マップ(mmap)</LI>
<LI>System V 由来の IPC</LI>
<LI>umask(新規にファイルを作成する場合のデフォルトのパーミッションを
決定する)</LI>
</UL>

プログラムを起動する時にディレクトリを(chdir(2)を使用して)変更する場合は、
フルパス指定できちんと目的のディレクトリに移動することも考慮してください。
<P>
<H2><A NAME="ss4.7">4.7 入力制限時間と負荷レベルの制限</A>
</H2>

<P>タイムアウトと負荷レベルの制限を設けてください。特にネットワーク経由で
やってくるデータには必ず制限をかけてください。そうしないと攻撃者は絶えること
なくサービス要求を送り付けることで、いとも簡単にサービス妨害攻撃を実行
できます。
<P>
<HR>
<A HREF="Secure-Programs-HOWTO-5.html">次のページ</A>
<A HREF="Secure-Programs-HOWTO-3.html">前のページ</A>
<A HREF="Secure-Programs-HOWTO.html#toc4">目次へ</A>
</BODY>
</HTML>