Date: Tue, 21 Jul 1998 05:20:24 -0600 From: Brett Glass <brett@lariat.org> To: "Jordan K. Hubbard" <jkh@time.cdrom.com>, Garance A Drosihn <drosih@rpi.edu> Cc: security@FreeBSD.ORG Subject: Re: Projects to improve security (related to C) Message-ID: <199807211120.FAA07335@lariat.lariat.org> In-Reply-To: <27231.900993063@time.cdrom.com> References: <Your message of "Mon, 20 Jul 1998 21:48:11 EDT." <v04011703b1d98657693f@[128.113.24.47]>
next in thread | previous in thread | raw e-mail | index | archive | help
At 08:51 PM 7/20/98 -0700, Jordan K. Hubbard wrote: >> However, I don't want to just drop this issue either. Could we think >> of projects we could do in the next few months, for instance, which >> might help us to improve security? Even if we won't have time to > >Audit. Audit audit audit. More like audit, audit, audit, audit, audit, audit, audit.... Ad infinitum. Ad nauseam. Unreliably. Missing all sorts of holes and bugs. It's not only tedious -- it also doesn't work. Again, quality and security shouldn't be tested in. Or audited in (which is worse, because it misses much more than a mechanical test). --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807211120.FAA07335>