26286 total geeks with 3498 solutions
Recent challengers:
 Welcome, you are an anonymous user! [register] [login] Get a yourname@osix.net email address 

Articles

GEEK

User's box
Username:
Password:

Forgot password?
New account

Shoutbox
MaxMouse
It's Friday... That's good enough for me!
CodeX
non stop lolz here but thats soon to end thanks to uni, surely the rest of the world is going good?
stabat
how things are going guys? Here... boring...
CodeX
I must be going wrong on the password lengths then, as long as it was done on ECB
MaxMouse
lol... the key is in hex (MD5: of the string "doit" without the "'s) and is in lower case. Maybe i should have submitted this as a challenge!

Donate
Donate and help us fund new challenges
Donate!
Due Date: May 31
May Goal: $40.00
Gross: $0.00
Net Balance: $0.00
Left to go: $40.00
Contributors


News Feeds
The Register
Report: China IP
theft now equal in
value to US exports
to Asia
Kim Dotcom claims
invention of
two-factor
authentication
US power grid the
target of "numerous
and daily"
cyber-attacks
Prenda lawyers miss
sanctions deadline
HP down on all
fronts in Q2, but
profits higher than
expected
Microsoft floats
Azure cloud into
China
Twitter locks down
logins by adding
two-factor
authentication
IiNet offloads
fibre network to
NBN Co
Microsoft tweaks
WinPhone YouTube
app to fix Google
gripes
Ethernet daddy:
online education
poised to transform
the world
Slashdot
3D Printers For
Peace Contest
Intel"s Linux
OpenGL Driver
Faster Than Apple"s
OS X Driver
Rough Roving:
Curiosity"s Wheels
Show Damage
Tesla Motors Repays
$465M Government
Loan 9 Years Early
Why the "Star Trek
Computer" Will Be
Open Source and
Apache Licensed
NYPD Detective
Accused of Hiring
Email Hackers
Scientists Find
Vitamin C Kills
Drug-Resistant
Tuberculosis
German IT Firm
Seeks Autistic
Workers
Violent Galactic
Clash May Solve
Cosmic Mystery
The Canadian
Government"s War On
Science
Article viewer

Writing secure programs for Linux and Unix systems : a book



Written by:dimport
Published by:dimport
Published on:2003-06-21 07:19:46
Topic:Linux
Search OSI about Linux.More articles by dimport.
 viewed 9729 times send this article printer friendly

Digg this!
    Rate this article :
The Secure Programming for Linux and Unix HOWTO by David A Wheeler, is an excellent online book, easy to read by any person interested in Unix/Linux and generally speaking, about Open Source software and quality programming.

As the author presents it, in his own words: "It provides a set of design and implementation guidelines for writing secure programs for Linux and Unix systems. Such programs include application programs used as viewers of remote data, web applications (including CGI scripts), network servers, and setuid/setgid programs. This document includes specific guidance for a number of languages, including C, C++, Java, Perl, Python, and Ada95." Since the book's introduction is a great presentation in itself, -- the short history of Unix and the birth and raise of Linux, the concept of secure programming and much more, --I consider that by trying to compete with it would be at least innapropriate.David A. Wheeler is usually recognized in the IT community as a promoter of quality, secure programming and of Open Source.His criticism is daring, eye-opening and unmerciful.Most of his books, and books he was co-authoring are pointing at secure programming.Promoting the Open Source he wrote Why Open Source Software / Free Software (OSS/FS)? Look at the Numbers!His personal home page provides various essays and projects, many of which involve open source software / free software, which I consider a rich source of documentation, and I highly recommend: David A. Wheeler's Home Pagethe book:Secure Programming for Linux and Unix HOWTO

This article was originally written by Azar
Did you like this article? There are hundreds more.

Comments:
<none>
Anonymously add a comment: (or register here)
(registration is really fast and we send you no spam)
BB Code is enabled.
Captcha Number:


Blogs: (People who have posted blogs on this subject..)
bb
start svn on system boot in debian on Tue 21st Jul 10am
http://linux.justinhartman.com/Startup_S cript_for_Subversion I found this a really simple explanation of how to start svn when the server boots
bb
SSHFS: Super Easy File Access over SSH on Wed 18th Feb 1pm
This was really useful, and worked great to communicate between servers. http://www.linuxjournal.com/article/8904 Thanks to gabbs
bb
hellanzb nzb news downloader for NSLU2 on Tue 22nd May 7pm
Someone introduced me to the joyful NZB file recently. Its truly a wonderful invention, and allows my to explore usenet binary grabbing using my NSLU2. as previous nntp readers id tried made the process too painful. So simply .... 1) apt-get inst
bb
edna mp3 streaming for nslu2 on Wed 9th May 11am
I've been streaming music from my home NSLU2 server for a while now using mt-daapd (firefly) which is an ITunes server for linux. I can connect to my home network from work using ITunes and a little daap proxy app called rendevous. My friend was doing
Adnurak
How to choose the right Linux Distro on Thu 9th Nov 7pm
This is mainly for new users who want to try out Linux for the first time, but try it out if you're experienced in Linux anyway, it's kinda fun. What with all these different distributions of Linux that you hear about all the time, it's hard to choose
ketan404
my blog on Thu 9th Nov 6am
http://ketan404.blogspot.com
bb
Tweaking Apache and Mysql for Low Memory on Fri 20th Oct 11am
i implemented this to tweak my apache/mysql for better performance on my NSLU2. Hard to tell if its helping much though ;-) Mysql really doesnt run too well with apache on NSLU2 so I dont use it for much. http://www.unixshell.com/wiki/index.php/ Optimiz
Adnurak
Fate - A Linux Security Simulation Written in C++ on Fri 20th Oct 6am
Fate is a simulation of a Linux system written in C++ and meant for DOS (runs fine in winxp and winme by just doubleclicking) that according to the creator, m101, shows you the basics of security in different Linux systems, including but not limited to, M
bb
Article on building rtorrent for arm5vtel NSLU2 with debianslug on Thu 19th Oct 7am
I wrote an article today on my efforts at compiling rtorrent for debianslug. its here ... Article on building rtorrent/libtorrent for arm5vtel NSLU2 with littleendian debianslug
bb
How to mount .iso file on NSLU2 running debianslug on Tue 19th Sep 12pm
If like me your running debianslug on an NSLU2 and you'd like to mount an iso file so it can be directly streamed to Xbox Media Centre (its a beautiful solution isnt it!) then simply do the following. Ensure you have loop support in your debianslug k

Test Yourself: (why not try testing your skill on this subject? Clicking the link will start the test.)
Linux Test Simple by a13x4nd7u

This is a simple Linux commands test.
Linux Quiz by abhijangda

Trivia about your favorite OS
Linux Administration by typedeaF

Testing your knowledge of Linux administration tools, very light shell scripting, and good high level understanding of how the OS works at the user level. Anyone who has worked with Linux for 1-3 years should do good.
Linux Commands (Part 1) by nirus

If you think you know the linux command-line then this test is for you. For reference purposes, it is based on Debian/GNU Linux with a BASH Shell.

     
Your Ad Here
 
Copyright Open Source Institute, 2006