| Skip Navigation Links | |
| Exit Print View | |
|
Developer's Guide to Oracle Solaris 11 Security Oracle Solaris 11.1 Information Library |
| Skip Navigation Links | |
| Exit Print View | |
|
|
Developer's Guide to Oracle Solaris 11 Security Oracle Solaris 11.1 Information Library |
1. Oracle Solaris Security for Developers (Overview)
2. Developing Privileged Applications
3. Writing PAM Applications and Services
4. Writing Applications That Use GSS-API
7. Writing Applications That Use SASL
8. Introduction to the Oracle Solaris Cryptographic Framework
9. Writing User-Level Cryptographic Applications
10. Introduction to the Oracle Solaris Key Management Framework
B. Sample C-Based GSS-API Programs
Developers who write applications for the Oracle Solaris operating system need to follow secure coding guidelines. Guidelines exist for secure coding in general, language-specific coding, and Oracle Solaris-specific coding and tools.
The following web sites track coding vulnerabilities and promote secure coding practices:
The CERT web site contains computer language references for secure coding practices. These references might include sections about the POSIX APIs, which are part of the API set of Oracle Solaris.
C – CERT C Secure Coding Standard
Additional guidelines for secure use of the standard C library functions in Oracle Solaris is provided by C Library Functions (Community Group security funclist).
The Open Web Application Security Project (OWASP) hosts security guidelines for two web scripting languages:
Python – OWASP Python Security website
Oracle Solaris provides specific APIs which can be used to write more secure code and to take advantage of the security and cryptographic features of the Oracle Solaris operating system and Oracle Sun hardware systems. Additionally, the suite of documents for Oracle Solaris Studio include discussions of using the tools securely.
The following guides from Oracle Solaris address secure coding:
|