1 |
On Thursday 04 June 2009, Mansour Moufid wrote: |
2 |
> Hello list, |
3 |
> |
4 |
> I was wondering if I could get peoples' opinions of dev-util/splint |
5 |
> (the Secure Programming Lint) [1], and specifically in the context of |
6 |
> development on Gentoo -- if you've used this tool before and if you |
7 |
> did or didn't find it useful? |
8 |
> |
9 |
> I noticed it wasn't listed as a source code audit aid on the Gentoo |
10 |
> Audit project page [2]. Is there a specific reason for this or was |
11 |
> simply an oversight? I wouldn't mind contributing a brief paragraph |
12 |
> or so on the subject. |
13 |
|
14 |
Hi Mansour, |
15 |
|
16 |
I will add the item to the list -- the other tools do not have any |
17 |
description either. |
18 |
However note that the Auditing project is currently in a sleeping state. |
19 |
No one is auditing code in the tree for new vulnerabilities (at least |
20 |
not as part of the project). If you have an interest in this subject |
21 |
and would like to participate in reviving the project, that would be |
22 |
great. It can be a way to become a Gentoo developer and participate in |
23 |
a great community, and to cooperate with others in the Security project |
24 |
and other vendors. But keep in mind there is a certain amount of work |
25 |
that comes with this. |
26 |
|
27 |
|
28 |
Robert |