Coding in C - A Summary of Popular Mistakes
This paper is about the most common security related bugs and vulnerabilities, and how to spot and prevent them.
Secure Programming for Linux and Unix-HOWTO
This paper provides a set of design and implementation guidelines for writing secure programs for Linux and Unix systems. Such programs include application programs used as viewers of remote data, web applications (including CGI scripts), network servers, and setuid/setgid programs. Specific guidelines for C, C++, Java, Perl, Python, TCL, and Ada95 are included.
Security Code Review Guidelines
Before programs may be placed in the firewall system, the source code is reviewed for deficiencies in the areas of security, reliability and operations. This document is dual purposed; first it is a guideline and checklist for security groups performing the code review; second, it is an attempt to provide development teams with information about what we look for in a review.
Secure Unix Programming
This FAQ answers questions about secure programming in the UNIX environment. It is a guide for programmers and not administrators.
The Unix Secure Programming FAQ
Peter Galvin has put together a quick guide of must-do secure programming techniques along with advice on methods to avoid. He also includes a number of valuable online resources.
How to find security holes
This document discusses the different types of security holes and how to find them. It also offers ideas on common problems with using insecure programs and what to look for when auditing code. Finally, this document provides other resources on the Internet about similar subjects.
On the Internet, there is a wealth of information about secure programming and auditing code to find security vulnerabilities. With all this information, sloppy coding shouldn't happen and more code auditing should happen.