[<prev] [next>] [<thread-prev] [thread-next>] [month] [year] [list]
Date: Mon, 2 Jun 2008 10:29:24 -0400
From: "Chris Rohlf" <chris.rohlf@...il.com>
To: oss-security@...ts.openwall.com
Subject: Re: code reviews (was: ARP handler Inspection tool released)
I have not contributed to this list yet (just signed up) but I do like
the idea of open source projects having a public place to request code
reviews.
Chris
On Mon, Jun 2, 2008 at 10:17 AM, Andrea Barisani <lcars@...rt.org> wrote:
> On Mon, Jun 02, 2008 at 06:10:53PM +0400, Solar Designer wrote:
>>
>> In case we do, I would not mind having such community code reviews occur
>> on this list. I think they would be on-topic. In fact, Sebastian
>> Krahmer even created a section on the wiki for the code reviews - but
>> neither he nor anyone else contributed to it. Sebastian? Anyone else?
>> Please defend yourselves. ;-)
>>
>
> I personally think that open code reviews are a very good idea, and it's
> something OSS projects would greatly benefit from.
>
> That's why oCERT was also started for helping in security audits and code
> review requests (we are already doing some). But if requestor doesn't mind a
> public scrutiny oss-security sure feels like the good place for it.
>
> So I wouldn't mind and I'd actually see this as a benefit for this list.
>
> Cheers
>
> --
> Andrea Barisani | Founder & Project Coordinator
> oCERT | Open Source Computer Emergency Response Team
>
> <lcars@...rt.org> http://www.ocert.org
> 0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E
> "Pluralitas non est ponenda sine necessitate"
>
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Hosted by DataForce ISP -
Powered by Openwall GNU/*/Linux