64 Bit Clean Code
Lists some of the common things you have to be careful of to make sure that your code is 64 bit clean.
Answers several frequently asked questions related to applets and what they are allowed to do.
Best Practices for Secure Development
Covers projects lifecycle, design principles, authentication, confidentitiality, integrity, and accountability. Also has specific information for many platforms and languages. [pdf format - 66 pages]
Describes a systematic process in which one or more individuals try to find security flaws.
Guidelines for C Source Code Auditing
Covers vulnerable points. Mentions both "white box" and "black box" testing methods.
How to Find Security Holes
Primer for finding faults so they can be fixed before people use them to break into things.
Java Security Code Guidelines
Identifies potential pitfalls that you should avoid and shows you how to write your code so that it will not be vulnerable to security attacks.
Java Security Tutorial
Takes about 2.5 hours. Licensed under the GPL. Available in PowerPoint (ppt) and Portable Document Format (PDF) formats.
NCSA Secure Programming Guidelines
Has checklists for cgi and setuid programs. Also has language specific things for C, Perl, and Shell.
Perl CGI Problems
"rain forest puppy" gives a list of holes and how to plug them.
Safe CGI Programming
Intended for the beginning or intermediate cgi programmer. Purpose is to help people avoid the most common errors.
Secure C Programming Guide
Talks about memory and string issues.
Secure Internet Programming
Secure Programming for Linux and Unix HOWTO
This document provides a set of design and implementation guidelines for writing secure programs for Linux and Unix systems.
Secure UNIX Programming
Covers general questions, information flow, "privileges and credentials", process interaction, race conditions, and input.
Shifting the Odds
Steve Bellovin's paper on writing more secure programs. [pdf format - 36 pages]
Avoiding security holes when developing an application.
Twelve Rules for Developing More Secure Java Code
Authors Gary McGraw and Edward Felten share tips about how to create more secure code.
Writing Safe Setuid Programs
Papers and talks by Matt Bishop.
Writing Secure Java Programs
Describes a variety of security features and attacks from a programmer's point of view.
Last update:January 2, 2007 at 17:14:01 UTC