---

7.11.3 File Library Security Concerns

There is no security once the executed programs are offered the possibility to read and especially write files.

Here is some of what will happen when reading or writing files:

• Application will stall indefinitely (while the operating system tries to figure out whether it should perform the requested I/O).
• The disk will run full, and it will be only the application (using this file library) to blame.
• Memory will be exhausted. One way or the other.
• All the data of the user will be lost. The data that is so important to the user. The only thing that really mattered. Ever.
• Sensitive data will be read and handed to bad people.
• Considering the modern semantics of files and file operations, anything may pose as file and any operation may pose as a file operation (either open, read, write or whatever). Anything may result as a consequence of allowing I/O for the executed programs.

This file library offers no controls over what is read or written. Over what other I/O operations are made available. Over how much is read or written. Over for how long.

The file library is better not used by applications for extension purposes. It is meant used by interpreters that have no other business but to execute whatever the user desires.

Functions opening system files may be left out at the file library object construction. When they are, the file library should pose no significant security concern.

See File Library Generation Flags.