Gentoo Archives: gentoo-security

From: Robert Buchholz <rbu@g.o>
To: gentoo-security@l.g.o
Cc: Mansour Moufid <mansourmoufid@×××××.com>
Subject: Re: [gentoo-security] the Gentoo Audit project and dev-util/splint
Date: Thu, 04 Jun 2009 10:58:27
Message-Id: 200906041258.21882.rbu@gentoo.org
In Reply to: [gentoo-security] the Gentoo Audit project and dev-util/splint by Mansour Moufid
On Thursday 04 June 2009, Mansour Moufid wrote:
> Hello list, > > I was wondering if I could get peoples' opinions of dev-util/splint > (the Secure Programming Lint) [1], and specifically in the context of > development on Gentoo -- if you've used this tool before and if you > did or didn't find it useful? > > I noticed it wasn't listed as a source code audit aid on the Gentoo > Audit project page [2]. Is there a specific reason for this or was > simply an oversight? I wouldn't mind contributing a brief paragraph > or so on the subject.
Hi Mansour, I will add the item to the list -- the other tools do not have any description either. However note that the Auditing project is currently in a sleeping state. No one is auditing code in the tree for new vulnerabilities (at least not as part of the project). If you have an interest in this subject and would like to participate in reviving the project, that would be great. It can be a way to become a Gentoo developer and participate in a great community, and to cooperate with others in the Security project and other vendors. But keep in mind there is a certain amount of work that comes with this. Robert

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies

Subject Author
Re: [gentoo-security] the Gentoo Audit project and dev-util/splint Mansour Moufid <mansourmoufid@×××××.com>