Re: Secure Coding for Newbies?

[zeno <bugtraq () cgisecurity net>]

I have collected a nice little library of secure coding documents.

www.cgisecurity.com/lib

Maybe some of these can help you out.

- zeno () cgisecurity com


> Hi, 
>
> I'm a beginner in PHP and Perl coding and would like a little help!  I've written a few small scripts for personal 
> use, but I want to start writing scripts that will be used by / open to the public, and want to write them with 
> security in the forefront. 
>
> I'm having a hard time finding specific, concrete examples of common webapp security problems and examples of how to 
> avoid them.  Many sites say "validate user input" or "avoid path traversal" or "beware of include files" but don't 
> give good examples of *how* I'm supposed to do these things! 
>
> I guess I'm looking for something along the lines of "Webapp Security for Dummies" as a building block.  Can anybody 
> point to useful resources for this?  The OWASP guide seems to be more of a guide for competent coders who already 
> know how to avoid the problems listed.  :)  
>
> Thanks!
>
> _____________________________________________________________
> Fight the power!  BlazeMail.com
>
> _____________________________________________________________
> Select your own custom email address for FREE! Get you () yourchoice com w/No Ads, 6MB, POP & more! 
> http://www.everyone.net/selectmail?campaign=tag