Secure Programming for Linux and Unix HOWTO (PDF 168P)
This note covers the following topics: background, history of Unix, Linux, and open source, security principles, why do programmers write insecure code?, is open source good for security?, types of secure programs, paranoia is a virtue, why did I write this document?, sources of design and implementation guidelines, other sources of security information, document conventions, summary of Linux and Unix security features, processes, files, System V IPC, sockets and network connections, signals, quotas and limits, dynamically linked libraries, audit, PAM, specialized security extensions for Unix-like systems, security requirements, Common Criteria introduction, security environment and objectives, validate all input, command line, environment variables, file descriptors, file names, file contents, web-based application inputs (especially CGI scripts), other inputs, human language (locale) selection, character encoding, prevent cross-site malicious content on input, filter HTML/URIs that may be re-presented, remove or forbid some HTML data, encoding HTML data, validating HTML data, validating hypertext links (URIs/URLs), other HTML tags, related issues, forbid HTTP GET to perform non-queries, counter spam, limit valid input time and load level, avoid buffer overflow, dangers in C/C++, library solutions in C/C++, standard C library solution, static and dynamically allocated buffers, strlcpy and strlcat, libmib, C++ std
Author(s): David A. Wheeler
 168 Pages