Bugtraq mailing list archives

Re: Article on writing secure software

From: jimd () STARSHINE ORG (Jim Dennis)
Date: Tue, 7 Apr 1998 03:06:40 -0700

Adam == Adam Shostack <adam () HOMEPORT ORG> writes:
TF == Trane Francks

TF> Perhaps I'm preaching to the converted here, but I found an
TF> interesting article in SunWorld Online regarding security and
TF> the software we write. It might be considered mandatory reading
TF> for new programmers....
TF>
TF> Take a look at:
TF>
TF> http://www.sun.com/sunworldonline/swol-04-1998\
TF>   /swol-04-security.html?040198i

Adam> If Aleph oks it, I'll plug a set of code review guidelines I
Adam> wrote about a year ago:
Adam> http://www.homeport.org/~adam/review.html

 I hope everyone here has also read one of the extent classics in
 this rarefied field:

        Matt Bishop's Writing Secure SUID Programs
        http://olympus.cs.ucdavis.edu/~bishop/secprog.html

--
Jim Dennis  (800) 938-4078              consulting () starshine org
Proprietor, Starshine Technical Services:  http://www.starshine.org
        PGP  1024/2ABF03B1 Jim Dennis <jim () starshine org>
        Key fingerprint =  2524E3FEF0922A84  A27BDEDB38EBB95A

Current thread:

Article on writing secure software Trane Francks (Apr 05)
- Re: Article on writing secure software Adam Shostack (Apr 06)
- IE EMBED Fix Aleph One (Apr 06)
- Buffer Overflow Vulnerability in suidperl/sperl program SGI Security Coordinator (Apr 06)
- suid_exec Buffer Overflow SGI Security Coordinator (Apr 06)
- perfomer_tools again J.A. Gutierrez (Apr 06)
- <Possible follow-ups>
- Re: Article on writing secure software Jim Dennis (Apr 07)