Apologies if this is in the wrong section ;)

I came across this article, "The Peon's guide to secure system development", linked from rootprompt.org and found it quite interesting.

This is just someone's rant but if it makes you think (even in disagreement) then it's done its job ;P

Re: OT: Secure system development article
by djantzen (Priest) on Nov 20, 2002 at 12:41 UTC

    Perhaps it would be a good idea to add a section under the tutorials specifically addressing Perl security issues. Unfortunately, the only node there, which looks pretty good by the table of contents, is written in a language I don't even recognize ((lang: lt) CGI/Perl Script Security). I think it would be helpful to have separate tutorials exploring the potential dangers of functions like system, exec, backticks, open, eval, do, and others addressing security measures such as Safe, Opcode, Taint. Right now there is information available, but mostly it is scattered about through offsite links, manpages and FAQs. I'd bet quite a lot of people could benefit from more in-depth analyses of these dangers.

      Lithuanian? I thought "lt" was IT, but that's definitely not Italian...

      Doing a quick search for Script Security led to some interesting looking threads, and this reply by metadoktor points to some interesting (external) general security resources.
      --
      Mike