[6496] in bugtraq
Re: Article on writing secure software
daemon@ATHENA.MIT.EDU (Jim Dennis)
Mon Apr 13 00:45:01 1998
Date: Tue, 7 Apr 1998 03:06:40 -0700
Reply-To: Jim Dennis <jimd@STARSHINE.ORG>
From: Jim Dennis <jimd@STARSHINE.ORG>
X-To: Adam Shostack <adam@HOMEPORT.ORG>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199804061738.NAA22656@homeport.org> Message Apparently From Adam
Shostack <adam@HOMEPORT.ORG> Dated Mon, 06 Apr 1998 13:38:06 EDT.
>>>>> Adam == Adam Shostack <adam@HOMEPORT.ORG> writes:
>>>>> TF == Trane Francks
TF> Perhaps I'm preaching to the converted here, but I found an
TF> interesting article in SunWorld Online regarding security and
TF> the software we write. It might be considered mandatory reading
TF> for new programmers....
TF>
TF> Take a look at:
TF>
TF> http://www.sun.com/sunworldonline/swol-04-1998\
TF> /swol-04-security.html?040198i
Adam> If Aleph oks it, I'll plug a set of code review guidelines I
Adam> wrote about a year ago:
Adam> http://www.homeport.org/~adam/review.html
I hope everyone here has also read one of the extent classics in
this rarefied field:
Matt Bishop's Writing Secure SUID Programs
http://olympus.cs.ucdavis.edu/~bishop/secprog.html
--
Jim Dennis (800) 938-4078 consulting@starshine.org
Proprietor, Starshine Technical Services: http://www.starshine.org
PGP 1024/2ABF03B1 Jim Dennis <jim@starshine.org>
Key fingerprint = 2524E3FEF0922A84 A27BDEDB38EBB95A
