2.1 Immunize Programs That Grant Privilege

Programs that need profiling are those that mediate privilege. The following programs have access to resources that the person using the program does not have, so they grant the privilege to the user when used:

cron jobs

Programs that are run periodically by cron. Such programs read input from a variety of sources and can run with special privileges, sometimes with as much as root privilege. For example, cron can run /usr/bin/updatedb daily to keep the locate database up to date with sufficient privilege to read the name of every file in the system. For instructions for finding these types of programs, refer to Section 2.2.1, Immunizing Cron Jobs.

Web Applications

Programs that can be invoked through a Web browser, including CGI Perl scripts, PHP pages, and more complex Web applications. For instructions on finding these types of programs, refer to Section 2.2.2, Immunizing Web Applications.

Network Agents

Programs (servers and clients) that have open network ports. User clients such as mail clients and Web browsers, surprisingly, mediate privilege. These programs run with the privilege to write to the user's home directories and they process input from potentially hostile remote sources, such as hostile Web sites and e-mailed malicious code. For instructions on finding these types of programs, refer to Section 2.2.3, Immunizing Network Agents.

Conversely, unprivileged programs do not need to be profiled. For instance, a shell script might invoke the cp program to copy a file. Because cp does not have its own profile, it inherits the profile of the parent shell script, so can copy any files that the parent shell script's profile can read and write.