This book describes a set of guidelines for writing secure programs on Linux and Unix systems
For purposes of this book, a “secure program” is a program that sits on a security boundary, taking input from a source that does not have the same access rights as the program.
Such programs include application programs used as viewers of remote data, web applications (including CGI scripts), network servers, and setuid/setgid programs.
This book does not address modifying the operating system kernel itself, although many of the principles discussed here do apply.
These guidelines were developed as a survey of “lessons learned” from various sources on how to create such programs (along with additional observations by the author), reorganized into a set of larger principles.
This book includes specific guidance for a number of languages, including C, C++, Java, Perl, PHP, Python, Tcl, and Ada95.