How to Develop Securely
An anonymous reader writes "This column explains how to write secure applications; it focuses on the Linux operating system, but many of the principles apply to any system. In today's networked world, software developers must know how to write secure programs, yet this information isn't widely known or taught. This first installment of the Secure programmer column introduces the basic ideas of how to write secure applications and discusses how to identify the security requirements for your specific application. Future installments will focus on different common vulnerabilities and how to prevent them."
and don't forget snprintf() instead of sprintf(). I've heard that sprintf() is a more common cause of buffer overflows than strcpy(). sprintf() is often used to format user input.
cpeterso
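The sprintf()/snprintf() point from the comment above, as an added example that is not part of the original thread. The function name `format_field`, the `fmt_status` codes and the sample names are hypothetical; the point is that snprintf() bounds the write and its return value tells the caller when user input did not fit.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical status codes for this example. */
enum fmt_status { FMT_OK, FMT_TRUNCATED, FMT_ERROR };

/*
 * Unsafe form, shown only as a comment:
 *     char line[16];
 *     sprintf(line, "user=%s id=%d", name, id);
 * sprintf() has no idea how big line[] is, so a long name writes past it.
 */

/* Bounded form: format into dst and report whether the output fit. */
enum fmt_status format_field(char *dst, size_t dst_size,
                             const char *name, int id)
{
    if (dst == NULL || dst_size == 0 || name == NULL)
        return FMT_ERROR;

    /* User input goes in as an argument, never as the format string. */
    int n = snprintf(dst, dst_size, "user=%s id=%d", name, id);
    if (n < 0) {                 /* encoding or output error */
        dst[0] = '\0';
        return FMT_ERROR;
    }
    /* n is the length the full output needs, excluding the NUL. */
    if ((size_t)n >= dst_size)
        return FMT_TRUNCATED;    /* dst is NUL-terminated but cut short */
    return FMT_OK;
}

int main(void)
{
    /* Constructed sample inputs. */
    const char *names[] = { "alice", "a_very_long_user_name_from_input" };
    char line[16];

    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++) {
        enum fmt_status st = format_field(line, sizeof line, names[i], 7);
        printf("status=%d len=%zu line=\"%s\"\n", (int)st, strlen(line), line);
    }
    return 0;
}
```

A caller should treat FMT_TRUNCATED as a failure rather than use the shortened string, since silently cut data can change its meaning.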