From owner-freebsd-security Tue Dec 17 10:23:56 1996 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id KAA10752 for security-outgoing; Tue, 17 Dec 1996 10:23:56 -0800 (PST) Received: from vdp01.vailsystems.com (root@vdp01.vailsystems.com [207.152.98.18]) by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id KAA10746 for ; Tue, 17 Dec 1996 10:23:51 -0800 (PST) Received: from crocodile.vale.com (crocodile [204.117.217.147]) by vdp01.vailsystems.com (8.8.3/8.7.3) with ESMTP id MAA28960 for ; Tue, 17 Dec 1996 12:18:47 -0600 (CST) Received: from jaguar (jaguar.vale.com [204.117.217.146]) by crocodile.vale.com (8.8.3/8.7.3) with SMTP id MAA11546 for ; Tue, 17 Dec 1996 12:18:45 -0600 (CST) Message-ID: <32B6E407.3BDF@vailsys.com> Date: Tue, 17 Dec 1996 12:18:47 -0600 From: Hal Snyder Reply-To: hal@vailsys.com Organization: Vail Systems, Inc. X-Mailer: Mozilla 3.0 (WinNT; I) MIME-Version: 1.0 To: security@freebsd.org Subject: writing secure code (was crontab ...) References: <199612162327.SAA10241@homeport.org> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk wrote: Is there someplace or some book that someone who is writing new software can refer to for learning how to write secure code in the first place? I certainly don't want to ask some whiny security cop for each and every little detail.... :) I like Chapter 23 of Practical Unix & Internet Security, (2d Ed), by Garfinkel & Spafford, pub. O'Reilly & Associates.