[ Thanks to Rich
Jankowski for this link. ]
“David A. Wheeler is the author of the “Secure Programming
for Linux HOWTO”, the Linux Documentation Project’s document
describing how to write secure programs for Linux….“
“LinuxSecurity: Why did you develop the “Secure Programming for
Linux HOWTO?”
“Wheeler: Over the last several years I noticed that many
developers for Linux seem to keep falling into the same security
pitfalls, again and again. Auditors were slowly catching problems,
but it would have been better if the problems weren’t put into the
code in the first place. I believe that part of the problem was
that there wasn’t a single, obvious place where developers could go
and get information on how to avoid known pitfalls. The information
was publicly available, but it was often hard to find, out-of-date,
incomplete, or had other problems. I guess all of that leads up to
the answer: I developed this document in the hope that future
software developers for Linux won’t repeat past mistakes, resulting
in an even more secure form of Linux.”