Security Basics mailing list archives

Re: Writing secure code

From: "Chris Berry" <compjma () hotmail com>
Date: Mon, 23 Dec 2002 17:12:27 -0800

On Sat, Dec 21, 2002 at 07:19:42PM +0530, Rahul Chander Kashyap wrote:
I've been going through some articles on how to write secure code esp.
from: http://www.shmoo.com/securecode/
I am looking for something more specific for the windows platform. Are
there any specific guidelines/standards that one could follow?
And one more thing...<this one might be intresting ;-)>  Is it possible
to write code that is completely secure and not exploitable?

Probably not possible, but the two most common problems that cause mostsecurity errors is buffer overruns, and malicious input. Make sure yourcode does an excellent job of handling those two conditions and you'll cutout the vast majority of problems.


Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"Live dangerously, overclock your servers."

_________________________________________________________________

MSN 8: advanced junk mail protection and 3 months FREE*.http://join.msn.com/?page=features/junkmail&xAPID=42&PS=47575&PI=7324&DI=7474&SU=http://www.hotmail.msn.com/cgi-bin/getmsg&HL=1216hotmailtaglines_advancedjmf_3mf

Current thread:

Writing secure code Rahul Chander Kashyap (Dec 23)
- Re: Writing secure code Michael Boman (Dec 23)
- Re: Writing secure code Pablo Gietz (Dec 27)
- <Possible follow-ups>
- Re: Writing secure code Chris Berry (Dec 24)