[OWASP-GUIDE] Status of the Guide v2

Chris Todd chris at christophertodd.com
Tue May 18 00:02:38 EDT 2004


So are you thinking that the language section will be multiple chapters, or
one big chapter?

I like the idea of separating the languages by "type" (script vs. executable
CGI vs. framework), because each type shares characteristics.  Are you
thinking that the "common problems" section/chapter would focus primarily on
the interaction between language design and security, or are you thinking
along different lines?


-----Original Message-----
From: owasp-guide-admin at lists.sourceforge.net
[mailto:owasp-guide-admin at lists.sourceforge.net] On Behalf Of Adrian
Sent: Monday, May 17, 2004 5:35 PM
To: owasp-guide at lists.sourceforge.net
Subject: Re: [OWASP-GUIDE] Status of the Guide v2

Andrew and Chris (and others)

We left the discussion concerning the language section in the Guide v2 with
the short questionary on the webappsec maillist.

To come back to the actual language section in the Guide v2. I propose the
following structure:

- Introduction
- Common problems and strategies
- Scripts (Where we cover at least ASP, PHP and Perl)
- Enhanced Applications (C, especially handling CGI)
- Frameworks (Java, .NET)
- Application Frameworks (like Drumbeat and Vignette)

With every language chapter having language specific informations and
security strategies.

So what do you think?


This SF.Net email is sponsored by: SourceForge.net Broadband Sign-up now for
SourceForge Broadband and get the fastest 6.0/768 connection for only
$19.95/mo for the first 3 months!
Owasp-guide mailing list
Owasp-guide at lists.sourceforge.net

More information about the Owasp-guide mailing list