Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Mon, 2 Jun 2008 19:41:05 +0200
From: Nico Golde <>
Subject: Re: code reviews (was: ARP handler Inspection tool released)

Hi Andrea,
* Andrea Barisani <> [2008-06-02 19:17]:
> On Mon, Jun 02, 2008 at 06:53:20PM +0200, Nico Golde wrote:
> > At least for Debian there is an audit project 
> > ( which is not really 
> > active anymore though. As far as I know Gentoo has a similar 
> > project. What about replacing those by an oss-security-audit 
> > project? I don't think oCert is the solution to audit 
> > requests as it simply lacks of enough manpower to do that in 
> > an organized fashion.
> With all due respect, how exactly do you know that? :)

Just a wild guess, audits are time consuming and you are all 
employed ;)
This was in no way meant to discredit oCert lacking of 
manpower in general. I just didn't had the impression you 
guys have the time to focus on source code audits in the 
first place but mostly on coordination. Sorry if this is 

Nico Golde - - - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.