<HTML ><HEAD ><TITLE >Carefully Call Out to Other Resources</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK REL="HOME" TITLE="Secure Programming for Linux and Unix HOWTO" HREF="index.html"><LINK REL="PREVIOUS" TITLE="Be Careful with Data Types" HREF="careful-typing.html"><LINK REL="NEXT" TITLE="Call Only Safe Library Routines" HREF="call-only-safe.html"></HEAD ><BODY CLASS="CHAPTER" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="3" ALIGN="center" >Secure Programming for Linux and Unix HOWTO</TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="bottom" ><A HREF="careful-typing.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="80%" ALIGN="center" VALIGN="bottom" ></TD ><TD WIDTH="10%" ALIGN="right" VALIGN="bottom" ><A HREF="call-only-safe.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="CHAPTER" ><H1 ><A NAME="CALL-OUT" ></A >Chapter 8. Carefully Call Out to Other Resources</H1 ><TABLE BORDER="0" WIDTH="100%" CELLSPACING="0" CELLPADDING="0" CLASS="EPIGRAPH" ><TR ><TD WIDTH="45%" > </TD ><TD WIDTH="45%" ALIGN="LEFT" VALIGN="TOP" ><I ><P ><I >Do not put your trust in princes, in mortal men, who cannot save.</I ></P ></I ></TD ></TR ><TR ><TD WIDTH="45%" > </TD ><TD WIDTH="45%" ALIGN="RIGHT" VALIGN="TOP" ><I ><SPAN CLASS="ATTRIBUTION" >Psalms 146:3 (NIV)</SPAN ></I ></TD ></TR ></TABLE ><DIV CLASS="TOC" ><DL ><DT ><B >Table of Contents</B ></DT ><DT >8.1. <A HREF="call-only-safe.html" >Call Only Safe Library Routines</A ></DT ><DT >8.2. <A HREF="limit-call-outs.html" >Limit Call-outs to Valid Values</A ></DT ><DT >8.3. <A HREF="handle-metacharacters.html" >Handle Metacharacters</A ></DT ><DT >8.4. <A HREF="call-intentional-apis.html" >Call Only Interfaces Intended for Programmers</A ></DT ><DT >8.5. <A HREF="check-returns.html" >Check All System Call Returns</A ></DT ><DT >8.6. <A HREF="avoid-vfork.html" >Avoid Using vfork(2)</A ></DT ><DT >8.7. <A HREF="embedded-content-bugs.html" >Counter Web Bugs When Retrieving Embedded Content</A ></DT ><DT >8.8. <A HREF="hide-sensitive-information.html" >Hide Sensitive Information</A ></DT ></DL ></DIV ><P >Practically no program is truly self-contained; nearly all programs call out to other programs for resources, such as programs provided by the operating system, software libraries, and so on. Sometimes this calling out to other resources isn't obvious or involves a great deal of ``hidden'' infrastructure which must be depended on, e.g., the mechanisms to implement dynamic libraries. Clearly, you must be careful about what other resources your program trusts and you must make sure that the way you send requests to them.</P ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="careful-typing.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="call-only-safe.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >Be Careful with Data Types</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" > </TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >Call Only Safe Library Routines</TD ></TR ></TABLE ></DIV ></BODY ></HTML >
