Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Wed, 3 Apr 2024 19:18:28 +0200
From: Solar Designer <solar@...nwall.com>
To: Maysara Alhindi <maysara.alhindi@...stol.ac.uk>
Cc: oss-security@...ts.openwall.com
Subject: Re: Looking for developers who know how to use Seccomp for a paid study

Hello Maysara,

On Wed, Apr 03, 2024 at 02:24:20AM +0000, Maysara Alhindi wrote:
> I am looking for C developers who have experience with Seccomp for a 1.5-hour study

Your message was borderline off-topic for the oss-security list, where
we have explicit guidelines against posting conference CFPs and survey
questionnaires.  A common pattern with those was that someone external
(not normally participating on oss-security) tried to post them and then
did not intend to post anything actually helpful - which could be e.g.
relevant excerpts from the conference papers such as those disclosing
new security issues in specific Open Source projects.  Now such
attempted postings became rare, perhaps in part due to the published
guidelines and past rejects.

Invites to other kinds of studies are not explicitly discouraged, and
yours sounds like it can potentially benefit Seccomp usability, so (as a
list moderator) I let it through.

Now it's on you to also bring the results of this study to oss-security
and in a way most beneficial to the community.  This may be e.g. a list
of identified issues, how/where they were reported upstream, how you (or
your team) contributed to addressing them, how they (or any of them)
were actually addressed, and what remains to be done.

I am posting this reply publicly to let list members know where we
currently draw the line and that relevant excerpts from conference
proceedings/slides and relevant study results are desirable to post.

Thanks,

Alexander

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.