There's a new mailing list on the OWASP ESAPI block at: https://lists.owasp.org/mailman/listinfo/owasp-esapi-c++
Yes, that's right. ESAPI for C++. Well, spare me the oxymoron jokes (my resemblance to an ox and an moron is strictly coincidence)...and besides that was my first reaction as well.
ESAPI for C++ will be a *greatly* stripped down version of ESAPI for JavaEE. The intent will be more similar to ESAPI for C (yes, Virginia, there's one of those too; see http://code.google.com/p/owasp-esapi-c/).
So sign up for the OWASP ESAPI for C++ mailing list. Even though it's mostly intended for developers, we welcome hecklers and other nay sayers as well. (Keeps us from getting too many "yes men" that way.)
Or better yet, sign up, and then get involved. Yes sir (or ma'am). ESAPI for C++ is your chance to become rich and famous. OK, just famous. Hmm, maybe not. But it is a chance for all of you, who like me just sat out there for years using FOSS but without every contributing anything back. (No, those 3 patches that you submitted 7 years ago and that $10 donation to GNU's Free Software Foundation are not enough to make up for all the free software that you've used over the years. C'mon, you tip your barber more than that!)
Uncle OWASP wants you!
Sunday, July 17, 2011
ESAPI for C++
(from Kevin Wall)