public inbox for gentoo-dev@lists.gentoo.org
 help / color / mirror / Atom feed
Search results ordered by [date|relevance]  view[summary|nested|Atom feed]
thread overview below | download: 
* Re: [gentoo-dev] flawfinder rats logs
  @ 2005-06-20  7:35 99% ` Tavis Ormandy
  0 siblings, 0 replies; 1+ results
From: Tavis Ormandy @ 2005-06-20  7:35 UTC (permalink / raw
  To: gentoo-dev; +Cc: gentoo-hardened

[-- Attachment #1: Type: text/plain, Size: 844 bytes --]



--On Monday, June 20, 2005 07:34:11 +0300 Rumen Yotov <rumen_yotov@dir.bg>
wrote:

> Hi,
> Recently began using flawfinder& rats and they're working (logging
> things). For now don't have time to look at the logs (beside *me* needing
> more time to check them), so is there some place/person which
> collects/is_interested in such info. Maybe some meta-bug or other, or
> just send they upstream (if correct)?
> Any experiences with them, are they correct?
> Thanks. Rumen.

No, they're very little practical use. If you're stuck and need an "entry
point" to start auditing from, they may give you a list of places to start
looking, but this is effectively no better than `grep strcat *.c`.

-- 
-------------------------------------
taviso@sdf.lonestar.org | finger me for my gpg key.
-------------------------------------------------------

[-- Attachment #2: Type: application/pgp-signature, Size: 197 bytes --]

^ permalink raw reply	[relevance 99%]

Results 1-1 of 1 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2005-06-20  4:34     [gentoo-dev] flawfinder rats logs Rumen Yotov
2005-06-20  7:35 99% ` Tavis Ormandy

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox