1 |
--On Monday, June 20, 2005 07:34:11 +0300 Rumen Yotov <rumen_yotov@×××.bg> |
2 |
wrote: |
3 |
|
4 |
> Hi, |
5 |
> Recently began using flawfinder& rats and they're working (logging |
6 |
> things). For now don't have time to look at the logs (beside *me* needing |
7 |
> more time to check them), so is there some place/person which |
8 |
> collects/is_interested in such info. Maybe some meta-bug or other, or |
9 |
> just send they upstream (if correct)? |
10 |
> Any experiences with them, are they correct? |
11 |
> Thanks. Rumen. |
12 |
|
13 |
No, they're very little practical use. If you're stuck and need an "entry |
14 |
point" to start auditing from, they may give you a list of places to start |
15 |
looking, but this is effectively no better than `grep strcat *.c`. |
16 |
|
17 |
-- |
18 |
------------------------------------- |
19 |
taviso@××××××××××××.org | finger me for my gpg key. |
20 |
------------------------------------------------------- |