ESAPI-C 1.0
The OWASP Enterprise Security API for C
|
00001 This is the README file for the Enterprise Security API for C library. 00002 00003 What is ESAPI? 00004 ========================== 00005 00006 The Enterprise Security API (ESAPI) is a free, open source library of 00007 security controls that make it easier for programmers to write lower-risk 00008 applications. 00009 00010 The original ESAPI was written for Java web applications and served to 00011 inspire many "ports". These ports are not exactly ports in a traditional 00012 sense, but more domain specific visions of what "the ESAPI of those 00013 languages" should look like. ESAPI for C is one of those visions. 00014 00015 It is a general API for helping programmers to build more secure business 00016 applications. There are easy to use functions for proper auditing, simple 00017 wrappers for cryptographic functions, and much more. 00018 00019 What is ESAPI for C not? 00020 ========================== 00021 00022 ESAPI for C is not a library for helping programmers avoid memory 00023 corruption mistakes. The domain of problems associated with memory 00024 management have inspired a great many libraries and efforts didn't 00025 deserve another unnecessary re-invention. 00026 00027 It is also not a "web" API. 00028 00029 What platforms are supported? 00030 ========================== 00031 00032 The following platforms have been confirmed to support ESAPI for C: 00033 00034 * OSX, 32/64-bit 00035 * Linux, 32/64-bit 00036 00037 Although untested, all the dependencies and source should run on other 00038 POSIX operating systems and Windows.