Date: Mon, 16 Dec 1996 19:10:11 +0100 (MET) From: Wolfgang Ley <ley@cert.dfn.de> To: craig@ProGroup.COM (Craig Shaver) Cc: security@freebsd.org Subject: Re: crontab security hole exploit Message-ID: <199612161810.TAA03636@tiger.cert.dfn.de> In-Reply-To: <199612161654.IAA19864@seabass.progroup.com> from "Craig Shaver" at Dec 16, 96 08:54:26 am
next in thread | previous in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Craig Shaver wrote: > [...] > It certainly helps me understand what is really going on. I can learn from > this to code defensively. > > Is there someplace or some book that someone who is writing new software can > refer to for learning how to write secure code in the first place? I > certainly don't want to ask some whiny security cop for each and every > little detail.... :) You might want to check the the "Secure Programming Checklist" which is a collection of the suggestions from the "Practical UNIX and Internet Security" book and a paper from AUSCERT. ftp://ftp.auscert.org.au/pub/auscert/papers/secure_programming_checklist ...or any mirror Bye, Wolfgang. - -- Wolfgang Ley, DFN-CERT, Vogt-Koelln-Str. 30, 22527 Hamburg, Germany Email: ley@cert.dfn.de Phone: +49 40 5494-2262 Fax: +49 40 5494-2241 PGP-Key available via finger ley@ftp.cert.dfn.de any key-server or via WWW from http://www.cert.dfn.de/~ley/ ...have a nice day -----BEGIN PGP SIGNATURE----- Version: 2.6.2i iQCVAwUBMrWQgQQmfXmOCknRAQGjJgQAt8SIblFH7EpMtMK2S1hlfA6dQJEhgRPO 5AgrjlA9O5sCYToMjAVwSngxoXnArhheK6q30aS8OoF5fW6YWy+DpZnnfRsbiTMC 5WjlshVnccfVs9QHPALziUWf2zTkNk1hNtZgmkT7a5BfCmzA8HiOrYR9w/FYEcgJ uYRlsTcAzH0= =w0YU -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199612161810.TAA03636>