I'm working on an application that will need to be setuid root. As my first setuid-root project, I'm extremely nervous about security. I know that the most common attack on an executable is a buffer overrun, or letting them shove more into an array than fits.
My application is entirely non-interactive, the only user input coming from command line arguments. So my question is, does C and/or C++ set up argc and argv securely? Is it safe to assume that CLI args are not a threat? That is, is their creation not a threat? I realize I must still carefully validate their input.
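As an added illustration (not code from the question's author), here is the kind of defensive argument handling a setuid-root program can apply before touching any argument: it refuses to assume argv[0] exists (execve() can legitimately be called with an empty vector, giving argc == 0 and argv[0] == NULL), it bounds the length scan before copying into a fixed buffer, and it whitelists characters. The policy itself (exactly one operand, a 64-byte cap, the allowed character set) is a hypothetical example policy, not something from the question.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_NAME 64 /* hypothetical cap for this example's single operand */

enum arg_status { ARG_OK = 0, ARG_NO_ARGV0, ARG_WRONG_COUNT, ARG_TOO_LONG, ARG_BAD_CHAR };

/* Allowed operand characters: a deliberate whitelist rather than a blacklist. */
static int allowed_char(unsigned char c)
{
    return isalnum(c) || c == '_' || c == '-' || c == '.' || c == '/';
}

/* Validates the argument vector and copies argv[1] into `out` only after
 * every check passes. Returns ARG_OK or the first failure found. */
static enum arg_status parse_args(int argc, char **argv, char out[MAX_NAME])
{
    /* argc may be 0 and argv[0] NULL when the caller invoked execve() with
     * an empty vector, so a privileged program must check before using them. */
    if (argc < 1 || argv == NULL || argv[0] == NULL)
        return ARG_NO_ARGV0;
    if (argc != 2 || argv[1] == NULL)
        return ARG_WRONG_COUNT;

    /* Bounded scan: never walk past MAX_NAME bytes looking for the NUL. */
    size_t len = 0;
    while (len < MAX_NAME && argv[1][len] != '\0')
        len++;
    if (len == MAX_NAME)
        return ARG_TOO_LONG; /* rejected, not truncated or overflowed */

    for (size_t i = 0; i < len; i++)
        if (!allowed_char((unsigned char)argv[1][i]))
            return ARG_BAD_CHAR;

    memcpy(out, argv[1], len + 1); /* len < MAX_NAME, so the NUL fits */
    return ARG_OK;
}

int main(int argc, char **argv)
{
    char name[MAX_NAME];
    enum arg_status st = parse_args(argc, argv, name);
    if (st != ARG_OK) {
        fprintf(stderr, "usage: <program> <operand> (error code %d)\n", (int)st);
        return 2;
    }
    printf("validated operand: %s\n", name);
    return 0;
}
```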