The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


Updated "Secure Programming for Linux and Unix HOWTO" now available.


<< Previous INDEX Search src Set bookmark Go to bookmark Next >>
Date: Mon, 30 Dec 2002 15:17:38 -0500
From: David Wheeler <[email protected]>
To: [email protected]
Subject: Updated "Secure Programming for Linux and Unix HOWTO" now available.

The latest version of my book, "Secure Programming for Linux and Unix HOWTO",
is now available!  You can freely download it in a variety of formats at:
  http://www.dwheeler.com/secure-programs

This book provides a set of design and implementation guidelines for writing 
secure programs for Linux and Unix systems. Such programs include application 
programs used as viewers of remote data, web applications (including CGI 
scripts), network servers, and setuid/setgid programs. This document includes 
specific guidance for a number of languages, including C, C++, Java, Perl, 
Python, and Ada95.

This is version 3.005, dated 30 December 2002.
Compared to version 3.000, this version adds new text on handling tmp files
where there are tmp cleaners running (true on most real systems -
this causes particular problems with mktemp(1)),
notes on avoiding buffer overflow in FD_SET/FD_CLR(), and
a long discussion on a new attack against web-based systems:
session fixation.  I also added text about protecting secrets in memory.

Enjoy, and happy new year.


--- David A. Wheeler



<< Previous INDEX Search src Set bookmark Go to bookmark Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру