[2276] in linux-security and linux-alert archive
[linux-security] Re: Programming ....
daemon@ATHENA.MIT.EDU (Cohen Liota)
Sat Nov 27 14:48:21 1999
Message-Id: <4.2.2.19991127131039.00a2a690@204.225.103.222>
Date: Sat, 27 Nov 1999 13:19:30 -0500
To: "Arni Raghu" <arni@caip.rutgers.edu>, <linux-security@redhat.com>
From: Cohen Liota <cliota@passport.ca>
In-Reply-To: <177a01bf3843$e1c2fd80$0200a8c0@masala>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Resent-From: linux-security@redhat.com
Ami
Here are a couple of resources to check out
http://www.sunworld.com/sunworldonline/swol-08-1998/swol-08-security.html
http://olympus.cs.ucdavis.edu/~bishop/
Matt Bishop has a good paper on writing secure setuid programs. I was
fortunate enough to be at SANS in Baltimore to catch Mr. Bishops talk
and got some very useful information for auditing code.
I hope this helps you out,
Cohen
At 02:24 PM 11/26/99 -0500, Arni Raghu wrote:
>Hi,
>I am building my own TCP daemon for easing some routine admin stuff... I am
>no expert on security,. I would really appreciate it if someone sent me some
>pointers to writing TCP daemons that are hacker-proof( i know there is
>nothing like that...but I do not want to be making mistakes in coding that
>are well known.. ;)
>
>The daemon runs as root....so that is why I am woried....
>
>Thx,
>Arni
>
>--
>----------------------------------------------------------------------
>Please refer to the information about this list as well as general
>information about Linux security at http://www.aoy.com/Linux/Security.
>----------------------------------------------------------------------
>
>To unsubscribe:
> mail -s unsubscribe linux-security-request@redhat.com < /dev/null
--
Imagine the impasse of a one god universe.
God can not go anywhere because god is already everywhere.
God can not do anything because the act of doing re supposes opposition.
- W. S. Burroughs
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null
