http://qs1969.pair.com?node_id=756058

Hello Monks, I am in the process of working on a HUGE Application Security initiative where I work. A big part of this is secure coding standards for all languages we use in house. CERT provides an excellent standard for C, Java, and C++ but nothing on shell languages. CERT Secure Coding Standards.

Fortify provided a taxonomy on PHP and some other languages, and I have translated those that are applicable to Perl and Ruby into our standards wiki, but I was wondering if you wise monks knew of other places with Perl specifics? (And Ruby, bash, etc., but Perl would be a great find.) Obviously, I have already written up use of taint mode, strict mode, etc., but additional knowledge, for example some CPAN modules for input validation and that type of information, would be very useful.

Thanks in advance!