David A. Wheeler. Secure Programming for Linux and Unix HOWTO. http://www.dwheeler.com/secure-programs/, 2002.
....will assume the system is up to date in terms of patches. Rather, what is needed is a repository of classes of attacks so given any system, the tester would know what to try. A promising initiative is the Open Web Application Security Project at http://www.owasp.org. Another useful resource is [Wheeler2001] and The Open Source Security Testing Methodology Manual [OSSTMM2001], although the latter is geared more towards system penetration testing. 3.4.3.2 Certification In more regulated environments systems are required to be security certified. The meaning of such certification is specific to ....
....multiple representations. In the IDS world, this increases the difficulty of pattern scanning. In the applications world, multiple representations of the same data means it is harder to validate the data. We have already covered how important it is to validate what a user provides to the system. [Wheeler2001] has a very good coverage of the security implications. References to security implications in the Unicode specification can also be found at http://www.unicode.org/unicode/reports/tr27. 7 Languages 7.1 C/C++ The biggest security problem with C and C++ is also the most frequent ....
[Article contains additional citation context not shown here]
David A. Wheeler, Secure Programming for Linux and Unix HOWTO, http://www.dwheeler.com/secure-programs/
....used to administer the system. To allow some splitting of the privileges held by root, POSIX has decreed that processes have three sets of capabilities: the effective, inheritable, and permitted capabilities. This was added to Linux 2.2, but is not universally supported by other Unix-like systems [42]. QNX As a POSIX-compliant operating system, the QNX security model is very similar to Linux. However, it is considered very unsecure by many developers in the QNX community because of the fact that once a user (or process) has root permissions on one of the network machines, he has root ....
D. A. Wheeler, "Secure programming for Linux and Unix HOWTO". URL http://www.dwheeler.com/secure-programs/.
No context found.
David A. Wheeler. Secure Programming for Linux and Unix HOWTO. http://www.dwheeler.com/secure-programs/, 2002.
No context found.
David A. Wheeler. Secure Programming for Linux and Unix HOWTO, 3.010 edition, March 2003. (Cited on page 3.)
No context found.
David A. Wheeler. Secure Programming for Linux and Unix HOWTO. http://www.dwheeler.com/secure-programs/, 2002.