Developers who write applications for the Oracle Solaris operating system need to follow secure coding guidelines. Guidelines exist for secure coding in general, language-specific coding, and Oracle Solaris-specific coding and tools.
The following web sites track coding vulnerabilities and promote secure coding practices:
The CERT web site contains computer language references for secure coding practices. These references might include sections about the POSIX APIs, which are part of the API set of Oracle Solaris.
C – CERT C Secure Coding Standard
Additional guidelines for secure use of the standard C library functions in Oracle Solaris is available at Appendix G, Security Considerations When Using C Functions
The Open Web Application Security Project (OWASP) hosts security guidelines for two web scripting languages:
Python – OWASP Python Security website
Oracle Solaris provides specific APIs which can be used to write more secure code and to take advantage of the security and cryptographic features of the Oracle Solaris operating system and Oracle Sun hardware systems. Additionally, the suite of documents for Oracle Solaris Studio include discussions of using the tools securely.
The following guides from Oracle Solaris address secure coding: