> -----Original Message----- > From: Jose Nazario [mailto:joseat_private] > Sent: Friday, January 24, 2003 4:04 AM > To: jeremydat_private > Cc: secprogat_private > Subject: Re: Secure programming FAQ? > > > On Fri, 24 Jan 2003 jeremydat_private wrote: > > > I'm curious if anyone maintains a FAQ or something similar that > > discusses common failures of programmers in regards to security? I > > would especially be interested in common mistakes as well as real > > world solutions to those mistakes. > > there are a couple of well maintained, freely available > documets you should check out. one is a bit smaller than the > other but they're both big and will be at least a few days' > of reading: > > Secure UNIX Programming FAQ > http://www.whitefang.com/sup/ > > Secure Programming for Linux and Unix HOWTO > http://www.dwheeler.com/secure-programs/ > > the others are worth reading: > > Secure UNIX Programming FAQ (from comp.security.unix, dated) > http://www.faqs.org/faqs/unix-faq/programmer/secure-programming/ > > How to Write Secure Code (cool set of links) > http://www.shmoo.com/securecode/ > > > looking this over again it's all UNIX specific. i do not know > what would be the good Win32 programming FAQs, i expect > someone will offer a good list for the archives. > > ___________________________ > jose nazario, ph.d. joseat_private > http://www.monkey.org/~jose/ > 15 Tips for Secure Win32 Programming by Michael Howard : http://archive.devx.com/upload/free/features/zones/security/articles/200 0/12dec00/mh1200/mh1200-1.asp ---------------- Bl4ck Tigerz Security Team http://tigers.front.ru
This archive was generated by hypermail 2b30 : Fri Jan 24 2003 - 10:29:12 PST