Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.java.programmer > #4665

Re: The CERT Oracle Secure Coding Standard for Java

From Arved Sandstrom <asandstrom3minus1@eastlink.ca>
Newsgroups comp.lang.java.programmer
Subject Re: The CERT Oracle Secure Coding Standard for Java
References <899ac5cb-b1e4-44b1-8e27-e6385b4fdcdb@24g2000yqk.googlegroups.com> <irp97l$ci$1@dont-email.me>
Message-ID <5UVDp.23993$oq.5480@newsfe17.iad> (permalink)
Organization Public Usenet Newsgroup Access
Date 2011-05-27 19:49 -0300

Show all headers | View raw

On 11-05-27 07:43 PM, Jeff Higgins wrote:
> On 05/27/2011 01:44 PM, rCs wrote:
>> The CERT Oracle Secure Coding Standard for Java has been completed and
>> is now ready for
>> https://www.securecoding.cert.org/confluence/display/java/The+CERT+Oracle+Secure+Coding+Standard+for+Java.
>>
>>
>> The CERT Oracle Secure Coding Standard for Java provides rules for
>> secure coding in the Java programming language. The goal of these
>> rules is to eliminate insecure coding practices that can lead to
>> exploitable vulnerabilities.
>>
>> To review, you can create an account on the wiki and then post
>> comments to any of the pages, or respond directly to me.
>>
>> Thanks,
>> rCs
> 
> Thanks for the link.
> 
> Spotted a typo, third paragraph IDS01-J
> 
> "Character information in Java 1.6 is based on the Unicode Standard,
> version 4.0 [Unicode 2003]. Character information in Java 1.6 is based
> on the Unicode Standard, version 6.0.0 [Unicode 2011]."
> 
It's great material. I'm familiar with Robert Seacord's C/C++ security
writing, he knows his stuff. The CERT Oracle Secure Coding Standard for
Java is a good complement to the Secure Coding Guidelines for the Java
Programming Language from Sun/Oracle, and the OWASP Java/Java EE material.

AHS

Back to comp.lang.java.programmer | Previous | NextPrevious in thread | Next in thread | Find similar

Thread

The CERT Oracle Secure Coding Standard for Java rCs <rcs@sei.cmu.edu> - 2011-05-27 10:44 -0700
  Re: The CERT Oracle Secure Coding Standard for Java Jeff Higgins <jeff@invalid.invalid> - 2011-05-27 18:43 -0400
    Re: The CERT Oracle Secure Coding Standard for Java Arved Sandstrom <asandstrom3minus1@eastlink.ca> - 2011-05-27 19:49 -0300
      Re: The CERT Oracle Secure Coding Standard for Java Lawrence D'Oliveiro <ldo@geek-central.gen.new_zealand> - 2011-05-28 16:31 +1200
        Re: The CERT Oracle Secure Coding Standard for Java Lew <noone@lewscanon.com> - 2011-05-28 00:45 -0400
    Re: The CERT Oracle Secure Coding Standard for Java rCs <rcs@sei.cmu.edu> - 2011-06-02 06:14 -0700
  Re: The CERT Oracle Secure Coding Standard for Java "Nasser M. Abbasi" <nma@12000.org> - 2011-05-28 00:42 -0700
    Re: The CERT Oracle Secure Coding Standard for Java Eric Sosman <esosman@ieee-dot-org.invalid> - 2011-05-28 09:07 -0400
    Re: The CERT Oracle Secure Coding Standard for Java Daniele Futtorovic <da.futt.news@laposte-dot-net.invalid> - 2011-05-28 15:10 +0200
    Re: The CERT Oracle Secure Coding Standard for Java Arved Sandstrom <asandstrom3minus1@eastlink.ca> - 2011-05-28 10:35 -0300
    Re: The CERT Oracle Secure Coding Standard for Java "John B. Matthews" <nospam@nospam.invalid> - 2011-05-29 16:17 -0400
  Re: The CERT Oracle Secure Coding Standard for Java Abu Yahya <abu_yahya@invalid.com> - 2011-06-08 20:52 +0530
    Re: The CERT Oracle Secure Coding Standard for Java Abu Yahya <abu_yahya@invalid.com> - 2011-06-08 20:55 +0530

csiph-web