07-06-2009
I would also like to add that, at least for me personally and speaking in sweeping generalities which I don't like to do; I feel less secure with "closed code" than "open code".
For me, I can easily trust what I can see. I can search open code more easily (and look for problems) than I can search a binary or encrypted code like encrypted PHP (which I cannot search at all).
Recently, I refused to install encrypted PHP on a web site for that exact reason. I do not trust code I cannot see and see no reason to install encrypted PHP code when I can find open alternatives.
As I mentioned before, I don't normally like to respond to generalizations without context, so I am simply providing my personal opinion, and that is that I (my personal opinion) feel more secure when I can examine the code, grep it, search it, add debug statements, etc.
6 More Discussions You Might Find Interesting
1. Post Here to Contact Site Administrators and Moderators
This is a slick looking forum. Any chance on making the code for the forum open source? (1 Reply)
Discussion started by: ecupirate1998
1 Replies
2. IP Networking
Hello there,
I wanted to know the members' opinion about the best open source network management software which uses a web browser to show its interface and results.
I am interested in the software for both windows and Linux OSs.
Thanks. (4 Replies)
Discussion started by: Jawwad
4 Replies
3. UNIX for Dummies Questions & Answers
Hello
What is the best open source anti virus?
Thanks (4 Replies)
Discussion started by: mohammadmahdi
4 Replies
4. UNIX for Dummies Questions & Answers
Hello
what is the best open source antispam?
Thanks http://www.linuxforums.org/forum/images/smilies/icon_smile.gif (1 Reply)
Discussion started by: mohammadmahdi
1 Replies
5. Shell Programming and Scripting
Hi Friends
I'm new to this UNIX - I'm working on the porting project from Solaris To Linux i just want to map some commands from solaris to Linux so can any one please tell me how to get the source code of the commands like "ls", "cu", "du"
Regards
sabee (1 Reply)
Discussion started by: sabee.prakash
1 Replies
6. Fedora
Hi everyone,
I know the following questions are noobish questions but I am asking them because I am confused about the basics of history behind UNIX and LINUX.
Ok onto business, my questions are-:
Was/Is UNIX ever an open source operating system ?
If UNIX was... (21 Replies)
Discussion started by: sreyan32
21 Replies
LEARN ABOUT FREEBSD
_secure_path
_SECURE_PATH(3) BSD Library Functions Manual _SECURE_PATH(3)
NAME
_secure_path -- determine if a file appears to be secure
LIBRARY
System Utilities Library (libutil, -lutil)
SYNOPSIS
#include <sys/types.h>
#include <libutil.h>
int
_secure_path(const char *path, uid_t uid, gid_t gid);
DESCRIPTION
This function does some basic security checking on a given path. It is intended to be used by processes running with root privileges in
order to decide whether or not to trust the contents of a given file. It uses a method often used to detect system compromise.
A file is considered 'secure' if it meets the following conditions:
1. The file exists, and is a regular file (not a symlink, device special or named pipe, etc.),
2. Is not world writable.
3. Is owned by the given uid or uid 0, if uid is not -1,
4. Is not group writable or it has group ownership by the given gid, if gid is not -1.
RETURN VALUES
This function returns zero if the file exists and may be considered secure, -2 if the file does not exist, and -1 otherwise to indicate a
security failure. The syslog(3) function is used to log any failure of this function, including the reason, at LOG_ERR priority.
SEE ALSO
lstat(2), syslog(3)
HISTORY
Code from which this function was derived was contributed to the FreeBSD project by Berkeley Software Design, Inc.
BUGS
The checks carried out are rudimentary and no attempt is made to eliminate race conditions between use of this function and access to the
file referenced.
BSD
May 2, 1997 BSD