On Fri, 24 Jan 2003 jeremydat_private wrote: > I'm curious if anyone maintains a FAQ or something similar that > discusses common failures of programmers in regards to security? I > would especially be interested in common mistakes as well as real world > solutions to those mistakes. there are a couple of well maintained, freely available documets you should check out. one is a bit smaller than the other but they're both big and will be at least a few days' of reading: Secure UNIX Programming FAQ http://www.whitefang.com/sup/ Secure Programming for Linux and Unix HOWTO http://www.dwheeler.com/secure-programs/ the others are worth reading: Secure UNIX Programming FAQ (from comp.security.unix, dated) http://www.faqs.org/faqs/unix-faq/programmer/secure-programming/ How to Write Secure Code (cool set of links) http://www.shmoo.com/securecode/ looking this over again it's all UNIX specific. i do not know what would be the good Win32 programming FAQs, i expect someone will offer a good list for the archives. ___________________________ jose nazario, ph.d. joseat_private http://www.monkey.org/~jose/
This archive was generated by hypermail 2b30 : Thu Jan 23 2003 - 17:14:28 PST