[linux-security] Re: Programming ....

[Cohen Liota <cliota passport ca>]

Ami

Here are a couple of resources to check out

http://www.sunworld.com/sunworldonline/swol-08-1998/swol-08-security.html

http://olympus.cs.ucdavis.edu/~bishop/

Matt Bishop has a good paper on writing secure setuid programs.  I was
fortunate enough to be at SANS in Baltimore to catch Mr. Bishops talk
and got some very useful information for auditing code.

I hope this helps you out,
Cohen

At 02:24 PM 11/26/99 -0500, Arni Raghu wrote:
> Hi,
> I am building my own TCP daemon for easing some routine admin stuff... I am
> no expert on security,. I would really appreciate it if someone sent me some
> pointers to writing TCP daemons that are hacker-proof( i know there is
> nothing like that...but I do not want to be making mistakes in coding that
> are well known.. ;)
>
> The daemon runs as root....so that is why I am woried....
>
> Thx,
> Arni
>
> --
> ----------------------------------------------------------------------
> Please refer to the information about this list as well as general
> information about Linux security at http://www.aoy.com/Linux/Security.
> ----------------------------------------------------------------------
>
> To unsubscribe:
>   mail -s unsubscribe linux-security-request redhat com < /dev/null

--
Imagine the impasse of a one god universe.
God can not go anywhere because god is already everywhere.
God can not do anything because the act of doing re supposes opposition.
	- W. S. Burroughs