RE: Secure programming FAQ?

From: drG4nj[Bl4ck Tigerz] (drG4njat_private)
Date: Fri Jan 24 2003 - 01:10:54 PST

  • Next message: Adrian Wiesmann: "Re: Standards for developing secure software"

    > -----Original Message-----
    > From: Jose Nazario [mailto:joseat_private] 
    > Sent: Friday, January 24, 2003 4:04 AM
    > To: jeremydat_private
    > Cc: secprogat_private
    > Subject: Re: Secure programming FAQ?
    > 
    > 
    > On Fri, 24 Jan 2003 jeremydat_private wrote:
    > 
    > > I'm curious if anyone maintains a FAQ or something similar that 
    > > discusses common failures of programmers in regards to security?  I 
    > > would especially be interested in common mistakes as well as real 
    > > world solutions to those mistakes.
    > 
    > there are a couple of well maintained, freely available 
    > documets you should check out. one is a bit smaller than the 
    > other but they're both big and will be at least a few days' 
    > of reading:
    > 
    > 	Secure UNIX Programming FAQ
    > 	http://www.whitefang.com/sup/
    > 
    > 	Secure Programming for Linux and Unix HOWTO
    > 	http://www.dwheeler.com/secure-programs/
    > 
    > the others are worth reading:
    > 
    > 	Secure UNIX Programming FAQ (from comp.security.unix, dated)
    > 	http://www.faqs.org/faqs/unix-faq/programmer/secure-programming/
    > 
    > 	How to Write Secure Code (cool set of links)
    > 	http://www.shmoo.com/securecode/
    > 
    > 
    > looking this over again it's all UNIX specific. i do not know 
    > what would be the good Win32 programming FAQs, i expect 
    > someone will offer a good list for the archives.
    > 
    > ___________________________
    > jose nazario, ph.d.			joseat_private
    > 					http://www.monkey.org/~jose/
    > 
    
    15 Tips for Secure Win32 Programming  by Michael Howard :
    http://archive.devx.com/upload/free/features/zones/security/articles/200
    0/12dec00/mh1200/mh1200-1.asp
    
    ----------------
    Bl4ck Tigerz Security Team
    http://tigers.front.ru
    



    This archive was generated by hypermail 2b30 : Fri Jan 24 2003 - 10:29:12 PST