In this chapter, we will focus on security issues involved in the design of networked applications. Some ten years back, networking was the domain of a few special applications such as FTP, email or the then nascent World Wide Web. Today's desktops have networked calendaring tools, networked CD players, not to mention networked games. And of course, these tools have bugs that can be exploited to gain access to the acount of the user running them.
When writing an application that is supposed to serve requests received from the network, different security issues arise than in the setuid case. To some degree, a network service is more robust against compromise because an attacker can rattle a lot less knobs and dials than in the setuid case. As we've seen in chapter 3, an attacker can subvert a setuid program by playing with the umask value, the set of open files, the resource limits, environment variables, and many more.
In a network service, an attacker usually has no control over these. All an attacker can usually do is exchange data with the service itself once it is running; he is not able to restart it with different resource limits, for example, that would make attacking it easier.
On the other hand, a network service often has to operate in a lot more hostile environment. If an employee of your company exploits a hole in a setuid application and you catch him red-handed, you can stop him from doing it again. On the Internet, punishing, or even finding an attacker, ranges from hard to virtually impossible.