[TUHS] Off topic: Books on Unix security?
Kevin Bowling
kevin.bowling at kev009.com
Sun May 4 13:53:42 AEST 2025
On Fri, May 2, 2025 at 5:21 AM Aharon Robbins <arnold at skeeve.com> wrote:
> Hi All.
>
> In a book I'm updating, I have the following references for
> Unix security.
>
> 1. Practical UNIX & Internet Security, 3rd edition, by Simson Garfinkel,
> Gene Spafford, and Alan Schwartz, O’Reilly & Associates, Sebastopol,
> CA, USA, 2003. ISBN-10: 0-596-00323-4, ISBN-13: 978-0596003234.
>
> 2. Building Secure Software: How to Avoid Security Problems the Right Way,
> by John Viega and Gary McGraw. Addison-Wesley, Reading, Massachusetts,
> USA, 2001. ISBN- 10: 0-201-72152-X, ISBN-13: 978-0201721522.
>
> 3. “Setuid Demystified,” by Hao Chen, David Wagner, and Drew
> Dean. Proceedings of the 11th USENIX Security Symposium, August 5–9,
> 2002. http://www.cs.berkeley. edu/~daw/papers/setuid-usenix02.pdf.
>
> One of my reviewers asked if these weren't "dusty references".
> So, before I just refer to them as "classics", can anyone recommend
> more recent books? Feel free to answer in private.
>
I’d have to rummage around for a definitive answer but I think things have
fractured a bit and OS level security is either a chapter or section in
academic or professional books. That is mostly survey or long standing
information, the edge is all in open source code and/or
papers/presentations.
There are several recent cryptography books aimed at a more practitioner
level I can recommend if that is relevant to your quest.
The main book that comes to mind 0321822137 is a C and C++ security survey
that is worthwhile but not OS specific.
I’d also like to know your title so I can add it to my collection when it
is ready!
> Thanks,
>
> Arnold
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.tuhs.org/pipermail/tuhs/attachments/20250503/fbbf32f2/attachment-0001.htm>
More information about the TUHS
mailing list