In secure programming (synonym: defensive programming), the goal is to ensure that software continues to function despite any and all unforeseen uses. This may be viewed as reducing or eliminating the chance of Murphy's Law taking effect. It is most valuable when software can be misused, accidentally or intentionally, to catastrophic effect.
Nothing is assumed: all error states are accounted for and handled. Programmers never assume that a given function call or library will work as promised, and so handle the possibility of failure in the code. In contrast, normal programming practice makes many such assumptions.
Growing article, with links to many related topics. [Wikipedia]
Design and implementation guidelines for writing secure programs for POSIX operating systems.
First installment in multipart series of excerpts from Practical Unix and Internet Security, 3rd Edition; tips and general design principles to code by to avoid security-related bugs. O'Reilly Media.
Thanks to DMOZ, which built a great web directory for nearly two decades and freely shared it with the web.