6.8.4 File Library Security Concerns

There is no security once the executed programs are offered the possibility to read and especially write files.

Here is some of what will happen when reading or writing files:

• Application will stall indefinitely (while the operating system tries to figure out whether it should or should not perform that requested I/O).
• The disk will run full, and it will be only the application (using this file library) to blame.
• Memory will run exhausted. One way or the other.
• All the data of the user will be lost. The data that is the most important to the user. The only that really matter(ed). Ever.
• Sensitive data may get read and handed to the bad people.
• Considering the modern semantics of files and file operations, anything may pose as file and any operation may pose as a file operation (either open, read, write or whatever). Anything may result as a consequence of allowing I/O for the executed programs.

This file library offers no controls over what is read or written. Over what other I/O operations are made available. Over how much is read or written. Over for how long.

The file library is better not used by applications for extension purposes. It is meant used by interpreters that have no other business but to execute whatever user desires.