[Secure-testing-team] A full audit of SPARC arch by our static
binary analysis tool
Jake Appelbaum
jacob at appelbaum.net
Thu Aug 4 22:58:07 UTC 2005
On Thu, 2005-08-04 at 22:02 +0100, Baruch Even wrote:
> Jake Appelbaum wrote:
> > We'd love that some of the debian security team contact us if they're
> > interested.
>
> I'm not part of the Debian security team, only the testing security
> team, two distinct groups, with roughly the same goal, providing Debian
> with security updates.
>
> I definitely do not represent anyone else but myself.
>
> I am not sure that your suggestion is really something that is relevant
> to Debian itself. It seems similar to the Coverity folks offering of bug
> reports to the Linux Kernel folks. Though your suggestion is more
> comprehensive, possibly covering all packages.
>
> I do think it is an interesting project to do for the general benefit of
> the Linux community. What would be the details of your offering? There
> is obviously the tool itself, and at least I don't have access to a
> sparc machine for the work.
We prefer to work with the team leaders of the Debian project at this
time. We don't want to work against the wishes of the team leaders, even
though we feel like it could be useful to them.
However it does require that we have their cooperation as it would
require a small amount of their time.
Specifically, we need to build all of the SPARC architecture with
debugging symbols to get the most useful information. Currently we're
only offering this to the Debian project and only for SPARC.
--
Jake Appelbaum <jacob at appelbaum.net>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 155 bytes
Desc: This is a digitally signed message part
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20050804/bc1c6e63/attachment.pgp
More information about the Secure-testing-team
mailing list