Gentoo Archives: gentoo-dev

From: Tavis Ormandy <taviso@g.o>
To: gentoo-dev@l.g.o
Cc: gentoo-hardened@l.g.o
Subject: Re: [gentoo-dev] flawfinder rats logs
Date: Mon, 20 Jun 2005 07:38:05
Message-Id: A92B50E338079A4F291A1F14@[]
In Reply to: [gentoo-dev] flawfinder rats logs by Rumen Yotov
1 --On Monday, June 20, 2005 07:34:11 +0300 Rumen Yotov <rumen_yotov@×××.bg>
2 wrote:
4 > Hi,
5 > Recently began using flawfinder& rats and they're working (logging
6 > things). For now don't have time to look at the logs (beside *me* needing
7 > more time to check them), so is there some place/person which
8 > collects/is_interested in such info. Maybe some meta-bug or other, or
9 > just send they upstream (if correct)?
10 > Any experiences with them, are they correct?
11 > Thanks. Rumen.
13 No, they're very little practical use. If you're stuck and need an "entry
14 point" to start auditing from, they may give you a list of places to start
15 looking, but this is effectively no better than `grep strcat *.c`.
17 --
18 -------------------------------------
19 taviso@××××××××××××.org | finger me for my gpg key.
20 -------------------------------------------------------


Subject Author
Re: [gentoo-dev] flawfinder rats logs Rumen Yotov <rumen_yotov@×××.bg>