Security Portal: Creating software packages for Linux - do's and don'ts.Mar 01, 2000, 18:14 (0 Talkback[s])
(Other stories by Kurt Seifried)
"Linux has been growing in popularity, and with that has come an increase in third party software available for Linux. Unfortunately it seems that Linux software vendors are intent on making the same mistakes made by other third party software vendors for UNIX. If you have ever read security advisories for UNIX software you have probably noticed that the same problems occur over and over again. This article will catalog some of the most common problems, ways to detect them (so you can then bug your software vendor), and solutions to them. Additionally I will list some of the more advanced techniques for ensuring continued system integrity in the event of a failure of a software package."
"World writeable files and directories
"Temporary (tmp) files