From owner-freebsd-current Tue Nov 23 14: 8:38 1999 Delivered-To: freebsd-current@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id A920514C1F; Tue, 23 Nov 1999 14:08:36 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 920F81CD7BC; Tue, 23 Nov 1999 14:08:31 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Tue, 23 Nov 1999 14:08:31 -0800 (PST) From: Kris Kennaway To: Gerald Abshez Cc: current@FreeBSD.ORG Subject: Re: FreeBSD security auditing project. In-Reply-To: <383B0F03.70A84532@manhattanprojects.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 23 Nov 1999, Gerald Abshez wrote: > Here is my 0.02: > > I think it would be useful to identify "unsafe" functions, so that > anyone can participate in the "eyeball" portion of the game. This means > that we need eyeballed, identified as a (potential) problem and fixed, > as well as some other possiblities. There is a lot of code out there, > and it would help if we could involve the non-programmers in the search. > > Comments? Yep, this is part of the "education" component: "this is what an unsafe function call looks like, and this is how to fix it". There's bound to be enough useful documentation out there which we can collect and point to. Kris ---- Cthulhu for President! For when you're tired of choosing the _lesser_ of two evils.. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message