## Vulnerabilities Glossary

* LD_PRELOAD: hijacking functions to a shared library: you can set this enviroment variable direct to the linker to load a library of your choice.

### Common Vulnerabilities:

* Authentication: to not require authentication in a situation that warrants it; information isn't trustworthy (authentication in the client side).

* Authorization: there are several formal designs for access control: discretionary access control, mandatory access control, role-based access control. Vulnerabilities: missing authorization (webpages).

* Accountability: expectation that a system can identify and log users' activities. Vulnerabilities:  system's failure to log operations in sensitive data; system doesn't protect its data.

* Confidentiality: expectation that only authorized parties can view data. Vulnerabilities: failure/lack in encryption, homemade encryption, storing sensitive data unnecessarily.

* Integrity: the expectation that only authorized parties are able to modify the data. Vulnerabilities: failure in access control, failure in confidentiality, bail-and-switch attack.

* Availability: capability to use a resource when expected. Vulnerability: DoS.