Bugtraq mailing list archives
Summary: Secure Programming References
From: aleph1 () DFW NET (Aleph One)
Date: Tue, 21 Jul 1998 13:47:31 -0500
This is a summary of secure programming references. Thanks to the folks that contributed. http://www.sun.com/sunworldonline/swol-04-1998/swol-04-unixsecurity.html http://www.sun.com/sunworldonline/swol-04-1998/swol-04-security.html http://www.homeport.org/~adam/review.html http://olympus.cs.ucdavis.edu/~bishop/secprog.html http://www.research.att.com/~smb/talks/odds.[ps|pdf] http://www.pobox.com/~kragen/security-holes.txt Chapter 22 in "Practical UNIX & Internet Security" is called "Writing Secure SUID and Network Programs". "Writing Solid Code", published by Microsoft Press (I forget the author). The book actually focuses on writing bug-free software, and not on security issues, but there's definitely a large overlap there. Take the SANS course on security programming taught by Matt Bishop. It is very highly rated by those that have attended. The next SANS is in October down in Orlando. See www.sans.org 1:30 - 5:30 pm - 'Writing Secure Programs' Thanks to: Tom Hall <thall () redrose net> Marko Milivojevic <M.Milivojevic () f bg ac yu> Wilson Roberto Afonso <wilson () zaz com br> Joseph Pung <Pungj () meijer com> Doug Hughes <Doug.Hughes () Eng Auburn EDU> Kragen <kragen () pobox com> Steven M. Bellovin <smb () research att com> Aleph One / aleph1 () dfw net http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
Current thread:
- Summary: Secure Programming References Aleph One (Jul 21)