| 1 |
On Thursday 04 June 2009, Mansour Moufid wrote: |
| 2 |
> Hello list, |
| 3 |
> |
| 4 |
> I was wondering if I could get peoples' opinions of dev-util/splint |
| 5 |
> (the Secure Programming Lint) [1], and specifically in the context of |
| 6 |
> development on Gentoo -- if you've used this tool before and if you |
| 7 |
> did or didn't find it useful? |
| 8 |
> |
| 9 |
> I noticed it wasn't listed as a source code audit aid on the Gentoo |
| 10 |
> Audit project page [2]. Is there a specific reason for this or was |
| 11 |
> simply an oversight? I wouldn't mind contributing a brief paragraph |
| 12 |
> or so on the subject. |
| 13 |
|
| 14 |
Hi Mansour, |
| 15 |
|
| 16 |
I will add the item to the list -- the other tools do not have any |
| 17 |
description either. |
| 18 |
However note that the Auditing project is currently in a sleeping state. |
| 19 |
No one is auditing code in the tree for new vulnerabilities (at least |
| 20 |
not as part of the project). If you have an interest in this subject |
| 21 |
and would like to participate in reviving the project, that would be |
| 22 |
great. It can be a way to become a Gentoo developer and participate in |
| 23 |
a great community, and to cooperate with others in the Security project |
| 24 |
and other vendors. But keep in mind there is a certain amount of work |
| 25 |
that comes with this. |
| 26 |
|
| 27 |
|
| 28 |
Robert |
Archives