Secure Coding mailing list archives
"Bumper sticker" definition of secure software
From: michaelslists at gmail.com (mikeiscool)
Date: Mon, 17 Jul 2006 12:17:01 +1000
On 7/17/06, Crispin Cowan <crispin at novell.com> wrote:
Goertzel Karen wrote: I've been struggling for a while to synthesise a definition of secure software that is short and sweet, yet accurate and comprehensive.My favorite is by Ivan Arce, CTO of Core Software, coming out of a discussion between him and I on a mailing list about 5 years ago. Reliable software does what it is supposed to do. Secure software does what it is supposed to do, and nothing else.
and what if it's "supposed" to take unsanitzed input and send it into a sql database using the administrators account? is that secure?
Crispin
-- mic
Current thread:
- SD West Call for proposals Gary McGraw (Jul 05)
- "Bumper sticker" definition of secure software Goertzel Karen (Jul 15)
- "Bumper sticker" definition of secure software ljknews (Jul 16)
- "Bumper sticker" definition of secure software Stephen de Vries (Jul 16)
- Message not available
- "Bumper sticker" definition of secure software mikeiscool (Jul 16)
- "Bumper sticker" definition of secure software Gunnar Peterson (Jul 16)
- "Bumper sticker" definition of secure software Gadi Evron (Jul 16)
- "Bumper sticker" definition of secure software Dave Aronson (Jul 16)
- "Bumper sticker" definition of secure software Crispin Cowan (Jul 16)
- "Bumper sticker" definition of secure software mikeiscool (Jul 16)
- "Bumper sticker" definition of secure software Crispin Cowan (Jul 17)
- "Bumper sticker" definition of secure software mikeiscool (Jul 17)
- "Bumper sticker" definition of secure software Crispin Cowan (Jul 17)
- "Bumper sticker" definition of secure software Glenn and Mary Everhart (Jul 17)
- "Bumper sticker" definition of secure software Goertzel Karen (Jul 15)