Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

Solaris Trusted Extensions Developer's Guide
Previous Next

Developing, Testing, and Debugging an Application

You must develop, test, and debug an application on an isolated development system to prevent software bugs and incomplete code from compromising the security policy on the main system.

Follow these guidelines:

  • Remove extra debugging code, especially code that provides undocumented features and code that bypasses security checks.

  • Make application data manipulation easy to follow so that the manipulation can be inspected for security problems by an administrator before installation.

  • Test return codes for all programming interfaces. An unsuccessful call can have unpredictable results. When an unexpected error condition occurs, the application must always terminate.

  • Test all functionality by running the application at all sensitivity labels and from all roles that you expect will run the application.

    • If the program is run by an ordinary user and not by a role, start the program from the command line at the labels where the program is intended to run.

    • If the program is run by a role, start the program from the command line in the global zone or from the user role at the labels where the program is intended to run.

  • Test all functionality under privilege debugging mode so that you know whether the application has all the privileges it needs. This type of testing also determines whether the application is attempting to perform privileged tasks that it should not be performing.

  • Know the security implications of using privileges. Ensure that the application does not compromise system security by its use of privileges.

  • Know and follow good privilege bracketing practices.

    See Solaris Security for Developers Guide.

  • If you use the SUNWspro debugger or the dbx command to test a privileged application, start the debugger before you attach it to a running process. You cannot start the debugger with the command name as an argument.

Previous Next

 
 
  Published under the terms fo the Public Documentation License Version 1.01. Design by Interspire