Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

CERT Java Secure Coding Standard

0 views
Skip to first unread message

Fred Long

unread,
Apr 27, 2011, 12:08:31 PM4/27/11
to
To: comp.lang.java.security
The CERT/CC has added to their secure coding standards for the C
language and for C++ by developing secure coding standards for Java.

The site, available as a Wiki, is at:

https://www.securecoding.cert.org/confluence/display/java/CERT+Java+Secure+Coding+Standard

The rules and recommendations are not globally editable, but anyone is
able at add comments.

We are depending on the active involvement of the Java community (you)
to make this effort a success. I invite you to participate in this
effort by reviewing content on the web site and providing comments, or
by contributing new rules and recommendations for secure Java coding.
These can be sent to me directly or to secure-coding at cert dot com.

Please review the web site and provide feedback.

Thanks,
Fred Long
CERT-O Coordination Center
Software Engineering Institute

---
* Synchronet * The Whitehouse BBS --- whitehouse.hulds.com --- check it out free usenet!
--- Synchronet 3.15a-Win32 NewsLink 1.92
Time Warp of the Future BBS - telnet://time.synchro.net:24

Lothar Kimmeringer

unread,
Apr 27, 2011, 12:08:33 PM4/27/11
to
To: comp.lang.java.security
Fred Long wrote:

> The site, available as a Wiki, is at:
>
> https://www.securecoding.cert.org/confluence/display/java/CERT+Java+Secure+Coding+Standard
>
> The rules and recommendations are not globally editable, but anyone is
> able at add comments.

Really? How?
Even after registering I don't find any link being offered to
do that.


Regards, Lothar
--
Lothar Kimmeringer E-Mail: spam...@kimmeringer.de
PGP-encrypted mails preferred (Key-ID: 0x8BC3CD81)

Always remember: The answer is forty-two, there can only be wrong
questions!

Fred Long

unread,
Apr 27, 2011, 12:08:33 PM4/27/11
to
To: comp.lang.java.security

Lothar Kimmeringer wrote:
> Fred Long wrote:
>
>> The site, available as a Wiki, is at:
>>
>> https://www.securecoding.cert.org/confluence/display/java/CERT+Java+Secure+Coding+Standard
>>
>> The rules and recommendations are not globally editable, but anyone is
>> able at add comments.
>
> Really? How?
> Even after registering I don't find any link being offered to
> do that.

Once you have registered you can log in to the site.

When you are logged in, you will see a link "Add Comment" at the bottom
of every page. Clicking on that link enables you to add a comment.
(You will not see that link if you are not logged in.)

I hope that helps,

Fred Long.

Lothar Kimmeringer

unread,
Apr 27, 2011, 12:08:33 PM4/27/11
to
To: comp.lang.java.security
Fred Long wrote:

> Lothar Kimmeringer wrote:

>> Really? How?
>> Even after registering I don't find any link being offered to
>> do that.
>
> Once you have registered you can log in to the site.
>
> When you are logged in,

I assume to be logged in, when I see the name, I provided
during registration, at the top of the page, right?

> you will see a link "Add Comment" at the bottom
> of every page.

I expected something like this, so I was looking at the
end of the page already (where the comments are). There
is no add-comment-link. Then I was looking around the page,
checking the link-list where my name appeared, checked
the prefereces-page if there is a checkbox allowing to
disable that link, checked if the link-list at the end
of the page containing the usual links (Home, About, etc.)
come with an additional one. All that was negative, so
I asked.

Should I send a screenshot, you can use your favorite
paint-program to put a red circle around the link I'm
obviously too blind to see? ;-)

> Clicking on that link enables you to add a comment.

Really? ;-)
I think, somebody who is not realizing the meaning of
an "Add Comment"-link should not be allowed to use it
anyway ;-)

> (You will not see that link if you are not logged in.)

Are there other restrictions maybe?

> I hope that helps,

Nope ;-)


Regards, Lothar
--
Lothar Kimmeringer E-Mail: spam...@kimmeringer.de
PGP-encrypted mails preferred (Key-ID: 0x8BC3CD81)

Always remember: The answer is forty-two, there can only be wrong
questions!

---

Fred Long

unread,
Apr 27, 2011, 12:08:34 PM4/27/11
to
To: comp.lang.java.security
Lothar Kimmeringer wrote:
> Fred Long wrote:
> ...

>> Once you have registered you can log in to the site.
>>
>> When you are logged in,
>
> I assume to be logged in, when I see the name, I provided
> during registration, at the top of the page, right?

Correct.

>> you will see a link "Add Comment" at the bottom
>> of every page.
>
> I expected something like this, so I was looking at the
> end of the page already (where the comments are). There
> is no add-comment-link. Then I was looking around the page,
> checking the link-list where my name appeared, checked
> the prefereces-page if there is a checkbox allowing to
> disable that link, checked if the link-list at the end
> of the page containing the usual links (Home, About, etc.)
> come with an additional one. All that was negative, so
> I asked.

> ...

Please email me directly at <f...@sei.cmu.edu>.

Thanks,
Fred.

0 new messages