April 11th, 2002, 03:11 PM
Secure Programming Guides
Does anyone know of any online guides for secure programming practices? I am looking for guides pertaining to Java, C, and Perl.
April 11th, 2002, 03:21 PM
I'm not too sure on online guides but I can drop some pointers.
1: check all your variables. If programming in perl, using 'use strict' makes you define explicitly every variable in use. Error-check the lengths so you avoid buffer overflows, and also the content to avoid data corruption/breakage.
2: keep it clean and concise with internal documentation.
3: have a CVS repository or something so that you can see any/all changes since it's inception into the repository. This helps keep unwanted hands out of it and also alerts if they do get into it, along with the changes made.
4: keep out stuff not needed. Clutter in a program can lead to failures.
There's more that you'll learn but those are pretty good to start with. Do it by force to begin with and it'll become habit and secure programming is a good thing.
We the willing, led by the unknowing, have been doing the impossible for the ungrateful. We have done so much with so little for so long that we are now qualified to do just about anything with almost nothing.
April 11th, 2002, 03:49 PM
Thanks for the Perl tips.
What do you mean about "the content?" Were you talking about array contents/buffer overflows still?