6.8.4 File Library Security Concerns
There is no security once the executed programs are offered the possibility to
read and especially write files.
Here is some of what will happen when reading or writing files:
- Application will stall indefinitely (while the operating system tries to figure
out whether it should or should not perform that requested I/O).
- The disk will run full, and it will be only the application (using this file
library) to blame.
- Memory will run exhausted. One way or the other.
- All the data of the user will be lost. The data that is the most important to
the user. The only that really matter(ed). Ever.
- Sensitive data may get read and handed to the bad people.
- Considering the modern semantics of files and file operations, anything may
pose as file and any operation may pose as a file operation (either open, read,
write or whatever). Anything may result as a consequence of allowing I/O for
the executed programs.
This file library offers no controls over what is read or written. Over what
other I/O operations are made available. Over how much is read or written.
Over for how long.
The file library is better not used by applications for extension purposes. It
is meant used by interpreters that have no other business but to execute
whatever user desires.