Publications

Books

Unfortunately, all of my books are out of print now, so finding new copies for sale is pretty unlikely. However, you may be able to find copies in used bookstores or on eBay. The material in the books is still generally accurate, although small inaccuracies have crept in over time as standards, commands, and techniques have matured. The main problem, if you can call it that, is that over time the amount of material not covered by the books has increased. But even Using C, which is now 30 years old, still has useful information in it that you won't find in many other places.

All three books are now available for download, in Adobe PDF, ePub (Nook), and MOBI (Kindle) formats. The original example programs for the two programming books are also available. All of these materials are provided for your personal, non-commercial use only.

David A. Curry. UNIX Systems Programming for SVR4. O’Reilly and Associates, Sebastopol, CA. July 1996. ISBN 1-56592-163-1.

Complete text of the book, as well as the example programs, available for download.

David A. Curry. UNIX System Security: A Guide for Users and System Administrators. Addison-Wesley, Reading, MA. May 1992. ISBN 0-201-56327-4.

Complete text of the book available for download.

David A. Curry. Using C on the UNIX System. O’Reilly and Associates, Newton, MA. January 1989. ISBN 0-937175-23-4.

Complete text of the book, as well as the example programs, available for download.

Papers

I've published a few papers over the years; they're all available in PDF format by following the links below. They're listed in reverse chronological order.

Perhaps the most well-known of my papers is Improving the Security of Your UNIX System (the third one down on the list). This paper was the first "practical" guide to securing a UNIX system that had ever been published, and was enormously popular (probably because it was freely available). It was also, as near as I and a few other folks can determine, the first time the term "firewall" was used in print to describe the security appliance we all know and love. Please note that I most emphatically do not claim to have coined the term itself; that honor belongs (we think) to Gene Spafford. Spaf and Simson Garfinkel were working on the first edition of Practical UNIX Security around the same time that I was working on the paper, and the three of us had several discussions about the topic, so I probably got the term from them. The term didn't really become cemented in the security vernacular, though, until Cheswick and Bellovin published their book on the subject in 1994.

H. Debar, D. Curry, and B. Feinstein. The Intrusion Detection Message Exchange Format. Request for Comments 4765, Internet Engineering Task Force, March 2007.

David A. Curry, Samuel D. Kimery, Kent C. De La Croix, and Jeffrey R. Schwab. "ACMAINT: An Account Creation and Maintenance System for Distributed UNIX Systems," in USENIX Large Installation System Administration Conference Proceedings, Colorado Springs, October 1990.

The most current publicly available source code for the program described in this paper is here.

David A. Curry. "Improving the Security of Your UNIX System." SRI International, Technical Report No. ITSTD-721-FR-90-21, April 1990. Reprinted as National Institute of Standards and Technology Interagency Report (NTIS No. PB91120121).

Stephen J. Mahler and David A. Curry. "Access—A Program to Interpret Pathname Access Permissions for the UNIX Operating System," in USENIX Conference Proceedings, Dallas, January 1985.

The original source code for the program described in this paper is here.

Magazine Articles

A long, long time ago, there were a couple of trade rags devoted to UNIX. One was for management-types, and the other was for techies. At one point, I was invited to pen an article for the techie one, and wrote a rant about CRT-based consoles, DB-25 connectors, and cheap, crummy tape drives. For whatever reason, they actually published it (and paid me!). Even more amusing, the points in the article are still, to some degree, valid over 20 years later. (Note for you young whipper-snappers out there: the tape drives referred to in the article are 9-track half-inch-tape reel-to-reel drives in the first part, and quarter-inch tape cartridge drives in the latter part.)

David A. Curry, "Money Well Spent," UNIX Review, 4:7, July 1986, pp. 45-49.