I ask here because I don't want to pollute tech@,
you told about those dangerous idioms, is that all knowledge collected
anywhere? Even I know a lot of secure coding practices, I that would be
interesting to read.
And question comes to my mind.. Is there attempts to use this knowledge
in
http://cyclone.thelanguage.org/
http://en.wikipedia.org/wiki/Cyclone_(programming_language)
http://trevorjim.com/papers/usenix2002.pdf
http://homes.cs.washington.edu/~djg/papers/cyclone-cuj.pdf
Best regards,
Daniel
Hi --
Though slightly OT, might be of interested.
http://www.cert.org/secure-coding/managedstring.html
Though slightly OT, might be of interested.
http://www.cert.org/secure-coding/managedstring.html
This is written by people who just don't understand the problem space
or the solution space.
Let me summarize;
If people can't handle something as simple as C strings, don't try to
shove
4 matches
Mail list logo