RE: Secure programming FAQ?

From: drG4nj[Bl4ck Tigerz] (drG4nj@smtp.ru)
Date: 01/24/03

Next message: Adrian Wiesmann: "Re: Standards for developing secure software"

Previous message: Jason Coombs: "RE: PGP scripting..."
In reply to: Jose Nazario: "Re: Secure programming FAQ?"
Next in thread: Rob McMillen: "webserver cgi question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "drG4nj[Bl4ck Tigerz]" <drG4nj@smtp.ru>
To: <secprog@securityfocus.com>
Date: Fri, 24 Jan 2003 12:10:54 +0300

> -----Original Message-----
> From: Jose Nazario [mailto:jose@monkey.org]
> Sent: Friday, January 24, 2003 4:04 AM
> To: jeremyd@linkline.com
> Cc: secprog@securityfocus.com
> Subject: Re: Secure programming FAQ?
>
>
> On Fri, 24 Jan 2003 jeremyd@linkline.com wrote:
>
> > I'm curious if anyone maintains a FAQ or something similar that
> > discusses common failures of programmers in regards to security? I
> > would especially be interested in common mistakes as well as real
> > world solutions to those mistakes.
>
> there are a couple of well maintained, freely available
> documets you should check out. one is a bit smaller than the
> other but they're both big and will be at least a few days'
> of reading:
>
> Secure UNIX Programming FAQ
> http://www.whitefang.com/sup/
>
> Secure Programming for Linux and Unix HOWTO
> http://www.dwheeler.com/secure-programs/
>
> the others are worth reading:
>
> Secure UNIX Programming FAQ (from comp.security.unix, dated)
> http://www.faqs.org/faqs/unix-faq/programmer/secure-programming/
>
> How to Write Secure Code (cool set of links)
> http://www.shmoo.com/securecode/
>
>
> looking this over again it's all UNIX specific. i do not know
> what would be the good Win32 programming FAQs, i expect
> someone will offer a good list for the archives.
>
> ___________________________
> jose nazario, ph.d. jose@monkey.org
> http://www.monkey.org/~jose/
>

15 Tips for Secure Win32 Programming by Michael Howard :
http://archive.devx.com/upload/free/features/zones/security/articles/200
0/12dec00/mh1200/mh1200-1.asp

----------------
Bl4ck Tigerz Security Team
http://tigers.front.ru

Next message: Adrian Wiesmann: "Re: Standards for developing secure software"
Previous message: Jason Coombs: "RE: PGP scripting..."
In reply to: Jose Nazario: "Re: Secure programming FAQ?"
Next in thread: Rob McMillen: "webserver cgi question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]