Gentoo Archives: gentoo-security

From: Mansour Moufid <mansourmoufid@×××××.com>
To: Robert Buchholz <rbu@g.o>
Cc: gentoo-security@l.g.o
Subject: Re: [gentoo-security] the Gentoo Audit project and dev-util/splint
Date: Wed, 10 Jun 2009 20:35:32
Message-Id: 44a1f4d20906101335t108a410bjef39a1d9d97e2004@mail.gmail.com
In Reply to: Re: [gentoo-security] the Gentoo Audit project and dev-util/splint by Robert Buchholz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, Jun 4, 2009 at 6:58 AM, Robert Buchholz<rbu@g.o> wrote:
> However note that the Auditing project is currently in a sleeping state. > No one is auditing code in the tree for new vulnerabilities (at least > not as part of the project).
That's a shame. I get the impression Gentoo is geared toward the security crowd, or rather, more so than other distributions I've come across.
> If you have an interest in this subject > and would like to participate in reviving the project, that would be > great. It can be a way to become a Gentoo developer and participate in > a great community, and to cooperate with others in the Security project > and other vendors.
Yes, exactly. This is the type of project I've been looking to get involved in anyway, so it made sense to try to do so within the framework of Gentoo. : )
> But keep in mind there is a certain amount of work that comes with this.
How much time would members typically put in, say, per week? I imagine it's difficult to estimate an 'average' -- since most of the time spent is probably in actually reviewing source code -- but I'm looking forward to contributing a decent number of hours a week as part of this project. Effort is certainly no deterrent. - -- Mansour Moufid http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x95BBC25F -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Use GnuPG with Firefox : http://getfiregpg.org (Version: 0.7.5) iEYEARECAAYFAkowGLUACgkQ83JwsZW7wl+FbgCfUREih6vKiNtVvRIGrO02BCB9 VnoAoIJ/r7h4uzdEO/v3WPVQ17rKX9Cx =1Kdq -----END PGP SIGNATURE-----

Replies