Bugtraq mailing list archives
Re: Article on writing secure software
From: jimd () STARSHINE ORG (Jim Dennis)
Date: Tue, 7 Apr 1998 03:06:40 -0700
Adam == Adam Shostack <adam () HOMEPORT ORG> writes: TF == Trane Francks
TF> Perhaps I'm preaching to the converted here, but I found an TF> interesting article in SunWorld Online regarding security and TF> the software we write. It might be considered mandatory reading TF> for new programmers.... TF> TF> Take a look at: TF> TF> http://www.sun.com/sunworldonline/swol-04-1998\ TF> /swol-04-security.html?040198i Adam> If Aleph oks it, I'll plug a set of code review guidelines I Adam> wrote about a year ago: Adam> http://www.homeport.org/~adam/review.html I hope everyone here has also read one of the extent classics in this rarefied field: Matt Bishop's Writing Secure SUID Programs http://olympus.cs.ucdavis.edu/~bishop/secprog.html -- Jim Dennis (800) 938-4078 consulting () starshine org Proprietor, Starshine Technical Services: http://www.starshine.org PGP 1024/2ABF03B1 Jim Dennis <jim () starshine org> Key fingerprint = 2524E3FEF0922A84 A27BDEDB38EBB95A
Current thread:
- Article on writing secure software Trane Francks (Apr 05)
- Re: Article on writing secure software Adam Shostack (Apr 06)
- IE EMBED Fix Aleph One (Apr 06)
- Buffer Overflow Vulnerability in suidperl/sperl program SGI Security Coordinator (Apr 06)
- suid_exec Buffer Overflow SGI Security Coordinator (Apr 06)
- perfomer_tools again J.A. Gutierrez (Apr 06)
- <Possible follow-ups>
- Re: Article on writing secure software Jim Dennis (Apr 07)