secure programming
Rob Wehrli
plug-devel@lists.PLUG.phoenix.az.us
Wed Dec 3 18:24:02 2003
On Wed, 3 Dec 2003, der.hans wrote:
> moin, moin,
>
> the shadow thread brought up an important point that often gets
> overlooked:
>
> security
>
> I'm certain we've all had to deal with programs that really didn't do
> security correctly.
>
> Anybody want to do a presentation on secure programming?
>
> Maybe cover things like c lib routines that are buffer overlaod safe.
> They exist, but they don't always get used.
>
> I can cover some simple shell stuff like tempfile, but I would be out of
> my element in other languages.
>
> This topic would actually make several good presentations, e.g.
> methodology, methodology of parsing user input, network stacks, secure
> Perl, secure Python, etc.
>
> Alan wants to move to monthlies. This could be a good way to go.
>
> ciao,
>
> der.hans
>
I've got the O'Reilly books on (I think) Linux Security and Secure
Programming (C and/or C++, again, I think). I'm fairly adept at
programming for buffer overruns and such. I'm probably not qualified to
do a real presentation on the topic, but I could at least help support one
:)
I like the idea of monthlies, especially if we can get a bit more
proactive in scheduling cool talks :) I don't mind filling in and/or
presenting on a number of topics, but I don't want anyone to get the idea
that I'm trying to monopolize or self-direct the devgrp. Just wanna try
to be helpful and participate when I can.
Take Care.
Rob!