In an article (http://msdn.microsoft.com/msdnmag/issues/03/11/SecurityCodeReview/default.aspx) in the November issue of MSDN magazine, Michael Howard (who wrote building secure code) gives pointers to finding security defects in code.

"Allocating Time and Effort

I have a ranking system I use to determine how much relative time I need to spend reviewing the code. The system is based on the damage potential if a vulnerability is exploited and the potential for attack. The quota system is based on the following traits:

- Does the code run by default?
- Does the code run with elevated privileges?
- Is the code listening on a network interface?
- Is the network interface unauthenticated?
- Is the code written in C/C++?
- Does the code have a prior history of vulnerability?
- Is this component under close scrutiny by security researchers?
- Does the code handle sensitive or private data?
- Is the code reusable (for example, a DLL, C++ class header, library, or assembly)?
- Based on the threat model, is this component in a high-risk environment or subject to many high-risk threats?"
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
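As an added example (not code from the post above or from Howard's article), the script below turns that trait list into a first-pass triage of a source tree: the traits that can be read from source (C/C++, a network listener, no authentication code next to the listener, privilege changes, sensitive-data handling, exported/reusable code) are inferred with regex heuristics, and the traits that cannot (prior vulnerability history, runs by default, under researcher scrutiny, high-risk per the threat model) are supplied by the caller. The numeric weights, the regexes and the sample files are this example's own assumptions; the article gives no numbers here.

```python
"""Rank source files for code-review time by Howard's traits (added example).

Heuristic weights and regexes are assumptions made for illustration; the sample
tree at the bottom is constructed, not taken from any real project.
"""
import re
from dataclasses import dataclass

# Assumed weights per trait; the MSDN article does not give numeric values.
WEIGHTS = {
    "elevated_privileges": 3,
    "network_listener": 3,
    "unauthenticated_listener": 2,
    "c_cpp": 2,
    "prior_vulnerability": 2,
    "sensitive_data": 2,
    "runs_by_default": 2,
    "high_risk_env": 2,
    "under_scrutiny": 1,
    "reusable": 1,
}

# Source-level signals (heuristics, not proofs) for the traits we can infer.
C_CPP_EXT = re.compile(r"\.(c|cc|cpp|cxx|h|hpp)$", re.I)
LISTEN_RE = re.compile(r"\b(listen|accept|bind)\s*\(|socket\.socket\(|HttpListener", re.I)
AUTH_RE = re.compile(r"\b(auth|login|credential|kerberos|oauth)\w*", re.I)
PRIV_RE = re.compile(r"\b(setuid|seteuid|setgid|AdjustTokenPrivileges|ImpersonateLoggedOnUser|CAP_SYS_\w+)\b")
SENSITIVE_RE = re.compile(r"\b(password|passwd|secret|private[_ ]?key|token|ssn|card[_ ]?number)\b", re.I)
EXPORT_RE = re.compile(r'__declspec\s*\(\s*dllexport\s*\)|\bextern\s+"C"|^\s*module\.exports\b|^\s*export\s+\w', re.M)


@dataclass
class Finding:
    path: str
    score: int
    traits: list


def infer_traits(path, src):
    """Return the traits that the file's path and contents suggest."""
    traits = []
    if C_CPP_EXT.search(path):
        traits.append("c_cpp")
    if LISTEN_RE.search(src):
        traits.append("network_listener")
        # A listener with no authentication vocabulary nearby is the worst case
        # in Howard's list: anyone on the network reaches it without credentials.
        if not AUTH_RE.search(src):
            traits.append("unauthenticated_listener")
    if PRIV_RE.search(src):
        traits.append("elevated_privileges")
    if SENSITIVE_RE.search(src):
        traits.append("sensitive_data")
    if EXPORT_RE.search(src) or path.lower().endswith((".h", ".hpp")):
        traits.append("reusable")
    return traits


def rank_for_review(tree, vuln_history=(), manual=None):
    """Score every file in `tree` ({path: source}) and sort highest-risk first.

    `vuln_history` lists paths with prior CVEs/bugs; `manual` maps a path to
    traits only a human can assert (runs_by_default, under_scrutiny, high_risk_env).
    """
    manual = manual or {}
    findings = []
    for path, src in tree.items():
        traits = infer_traits(path, src)
        if path in vuln_history:
            traits.append("prior_vulnerability")
        traits.extend(manual.get(path, []))
        findings.append(Finding(path, sum(WEIGHTS[t] for t in traits), traits))
    findings.sort(key=lambda f: (-f.score, f.path))
    return findings


# Constructed sample tree: four files spanning the traits above.
SAMPLE_TREE = {
    "net/listener.c": (
        "#include <sys/socket.h>\n#include <unistd.h>\n"
        "/* Daemon entry point: runs as root and serves whoever connects. */\n"
        "int serve(int fd) {\n    setuid(0);\n    listen(fd, 16);\n"
        "    return accept(fd, 0, 0);\n}\n"
    ),
    "lib/crypto_util.h": (
        "#pragma once\n/* Exported helper; callers pass raw private_key bytes. */\n"
        "__declspec(dllexport) int load_private_key(const char *private_key);\n"
    ),
    "tools/report.py": (
        "def summarize(rows):\n"
        '    """Offline report generator; no privileges, no network."""\n'
        "    return len(rows)\n"
    ),
    "web/admin.py": (
        "import socket\nfrom app.auth import authenticate\n"
        "srv = socket.socket()\nsrv.bind(('0.0.0.0', 8080))\nsrv.listen(5)\n"
        "def handle(conn, user, password):\n"
        "    if not authenticate(user, password):\n        return\n"
    ),
}
SAMPLE_VULN_HISTORY = {"net/listener.c"}          # assumed prior-bug list
SAMPLE_MANUAL = {"net/listener.c": ["runs_by_default"], "web/admin.py": ["under_scrutiny"]}

if __name__ == "__main__":
    for f in rank_for_review(SAMPLE_TREE, SAMPLE_VULN_HISTORY, SAMPLE_MANUAL):
        print(f"{f.score:3d}  {f.path:20s}  {', '.join(f.traits) or '-'}")
```

The output only orders candidates; it does not replace reading the code. The regexes will miss a listener built through a framework and will flag the word "token" in a comment, so treat the score as a reason to look first, and still fill in the hand-supplied traits (runs by default, scrutiny, threat-model exposure) before committing review hours.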
