LinuxSecurity.com: Interview with David A. WheelerFeb 28, 2000, 08:05 (0 Talkback[s])
(Other stories by Dave Wreski)
[ Thanks to Rich Jankowski for this link. ]
"David A. Wheeler is the author of the "Secure Programming for Linux HOWTO", the Linux Documentation Project's document describing how to write secure programs for Linux...."
"LinuxSecurity: Why did you develop the "Secure Programming for Linux HOWTO?"
"Wheeler: Over the last several years I noticed that many developers for Linux seem to keep falling into the same security pitfalls, again and again. Auditors were slowly catching problems, but it would have been better if the problems weren't put into the code in the first place. I believe that part of the problem was that there wasn't a single, obvious place where developers could go and get information on how to avoid known pitfalls. The information was publicly available, but it was often hard to find, out-of-date, incomplete, or had other problems. I guess all of that leads up to the answer: I developed this document in the hope that future software developers for Linux won't repeat past mistakes, resulting in an even more secure form of Linux."