Innocent Code : A Security Wake-Up Call for Web Programmers
Sverre H. HusebyISBN: 0470857447; 9780470857441;
This book is much more than a wake-up call. It is also an eye-opener. Even for those who are already awake to the problems of Web server security, it is a serious guide for what to do and what not to do, with many well-chosen examples. The set of fundamental rules is highly relevant. Peter G. Neumann, Author of Computer-Related Risks,and moderator of the Internet Risks Forum (risks.org). This concise and practical book will show where code vulnerabilities lie and how best to fix them. Its value is in showing where code may be exploited to gain access to - or break - systems, but without delving into specific architectures, programming or scripting languages or applications. It provides illustrations with real code. InnocentCode is an entertaining read showing how to change your mindset from website construction to website destruction so as to avoid writing dangerous code. Abundant examples from susceptible sites will bring the...