Index
| A number represents a single reference to a topic. |
| A number with a "+" sign represents a longer discussion of a topic. |
|
Symbols A B C D E F G H I K L M N O P R S T U V W X
| A |
|
access control
1
|
|
applications
|
| |
interfaces
1+
|
|
arguments, command line
1
2
|
|
argv(0)
1
|
|
audit logs
1
|
|
authentication
1
2
|
|
authopen
1
|
|
Authorization Services
1
|
|
authorization
|
| |
granting
1
|
| |
revoking
1
|
|
AuthorizationExecWithPrivilege
1
|
| B |
|
buffer overflows
1
2+
|
| |
calculating buffer sizes
1+
|
| |
checklist
1
|
| |
detecting
1
|
| |
integer arithmetic
1
|
| |
strings
1
|
|
buffer overflows See also heap, stack
1
|
| C |
|
certificates digital certificates
1
|
|
CFBundle
1
|
|
chflags
1
|
|
chmod
1
|
|
chown
1
|
|
close-on-exec flag
1
|
|
code insertion
1
|
|
command-line arguments
1
2
|
|
command-line tools
1
|
|
configuration files
1
|
| D |
|
default settings
1
|
|
denial of service
1
2
|
|
device ID
1
|
|
digital certificate
|
| |
identity
1
|
|
digital certificates
1
|
|
document organization
1
|
|
dyld
1
|
|
dynamic link editor
1
|
| E |
|
elevated privileges
1
2
|
|
encryption
1
|
|
environment variables
1
2
|
| F |
|
fchmod
1
|
|
fchown
1
|
|
file descriptor
1
2
|
| |
inheriting
1
|
|
file descriptors
1
|
|
file locations
1
|
|
file operations
|
| |
Carbon
1
|
| |
Cocoa
1
|
| |
insecure
1
2+
|
| |
POSIX
1
|
|
file system, remotely mounted
1
|
|
files
|
| |
temporary
1
|
|
FileVault
1
|
|
firewall
1
|
|
fopen
1
|
|
format string attacks
1
|
|
fstat
1
|
|
fuzzing
1
|
| G |
|
GID
1
|
|
group ID
1
|
|
guest access
1
|
|
GUI
1
|
| H |
|
hard link
1
|
|
hash function
1
2
|
|
heap
1
|
| |
overflow
1
2
|
| I |
|
identity
1
|
|
input validation
1
|
|
input
|
| |
data structures
1
|
| |
inappropriate
1
|
| |
testing
1
|
| |
to audit logs
1
|
| |
types of
1
|
| |
validating
1
2+
3
|
|
insecure file operations
1
2+
|
|
installer
1
|
|
integer overflows
1
|
|
interface, user
1
|
|
ipfw
1
|
| K |
|
Kerberos
1
|
|
kernel extensions
1
2
|
|
kernel messages
1
|
|
kernel
|
| |
checklist
1
|
|
KEXT
1
|
| L |
|
launchd
1
2
|
|
least privilege, principle of
1
|
|
left bracket
1
|
|
libbsm
1
|
|
/Library/StartupItems
1
|
|
logs, audit
1
|
|
lstat
1
|
| M |
|
Mach ports
1
|
|
mkstemp
1
2
|
|
mktemp
1
|
| N |
|
negative numbers
1
|
|
network ports
1
|
|
nobody user
1
|
|
NSBundle
1
|
|
NSTemporaryDirectory
1
|
| O |
|
open
1
|
|
organization of document
1
|
| P |
|
passwords
1
|
|
permissions
1
|
|
permissions See also privileges
|
|
phishing
1
|
|
plug-ins
1
|
|
policy database
1
2
|
|
port numbers
1
|
|
ports, Mach
1
|
|
private key
|
| |
identity
1
|
|
privileges
1
2+
|
| |
elevated
1
2
|
| |
level, changing
1
|
| |
principle of least privilege
1
|
| |
root
1
|
|
process limits
1
|
| R |
|
race conditions
1
2
|
| |
interprocess communication
1
|
| |
scripts
1
|
| |
time of check–time of use
1+
|
| | |
1+
|
|
references
1
|
|
remotely mounted file system
1
|
|
rm
1
|
|
root kit
1
|
|
root privileges
1
|
| S |
|
scripts, avoiding race conditions
1
|
|
Security Objective-C API
1
|
|
setegid
1
|
|
seteuid
1
|
|
setgid
1
|
|
setregid
1
|
|
setreuid
1
|
|
setrlimit
1
|
|
setuid
1
2
|
|
SFAuthorizationView
1
|
|
SFCertificatePanel
1
|
|
SFCertificateTrustPanel
1
|
|
SFCertificateView
1
|
|
SFChooseIdentityPanel
1
|
|
SFKeychainSavePanel
1
|
|
SFKeychainSettingsPanel
1
|
|
shell commands
1
|
|
signal handler
1
|
|
social engineering
1
2
3
|
|
stack
1
|
| |
overflow
1+
|
|
stat
1
|
|
string-handling functions
1
2
|
|
sudo
1
|
|
symbolic link
1
|
|
syslog
1
|
|
SystemStarter
1
|
| T |
|
temporary files
1
2
3
|
| |
and scripts
1
|
| |
default location
1
|
|
test
1
|
|
|
|
twos-complement arithmetic
1
|
| U |
|
UID
1
|
| |
unique
1
|
|
umask
1
|
|
URL commands
1
2
|
|
user ID
1
|
|
user interface
1
|