Re: Re: Goals for Etch?: msg#00003

Subject: Re: Re: Goals for Etch?
On Tue, Jun 14, 2005 at 10:30:13PM +0200, Javier Fernández-Sanguino Peña wrote:
> - we would like to do a security review of all the base packages before 
> etch (at least two people should look into them)

> - we would like to do a security review of a significant percentage of 
> extra/optional packages before etch

> - we would like to provide a useful and complete document for all DDs (that 
> might be included in the NM process) that describes how to do a security 
> audit of their source packages and find the "low hanging fruit" with a mix 
> of automatic tools and some sensible questions.
> 
> How do any of these sound?

They all sound great. Here are some types of bugs that the document could
describe:

* format string bugs with syslog(something, something2)
* fscanf(fp, "%s", buf)
* setting HOME to a 16 kB long value and seeing if things blow up
* strncat(buf2, buf, sizeof(buf2))
* /tmp bugs
* cross-site scripting

I think those can be easily explained and looked for.

// Ulf
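An added example in C (not from the thread) for two items in Ulf's list: the strncat(buf2, buf, sizeof(buf2)) misuse, where the third argument must be the room left in the destination rather than its total size, and the oversized HOME check, where a 16 kB value has to be rejected instead of copied. The function names and the 64-byte path buffer are my own choices.

```c
#include <stdlib.h>
#include <string.h>

/* Bounded append. strncat(dst, src, sizeof dst) is wrong because the third
 * argument must be the room LEFT in dst, not its total size; this helper
 * computes that room and returns -1 instead of truncating or overflowing. */
int append_bounded(char *dst, size_t dstsz, const char *src)
{
    const char *end = memchr(dst, '\0', dstsz);
    if (end == NULL) return -1;            /* dst is not NUL-terminated */
    size_t used = (size_t)(end - dst);
    size_t room = dstsz - used - 1;        /* bytes left, excluding the NUL */
    size_t n = strlen(src);
    if (n > room) return -1;               /* would not fit: refuse, not clip */
    memcpy(dst + used, src, n + 1);        /* copies the terminating NUL too */
    return 0;
}

/* Does the misused call strncat(dst, src, dstsz) write past the end of dst?
 * It may copy up to dstsz bytes plus a NUL after the `used` bytes already there. */
int sizeof_bound_overflows(size_t used, size_t dstsz, size_t srclen)
{
    size_t copied = srclen < dstsz ? srclen : dstsz;
    return used + copied + 1 > dstsz;
}

/* Build "<home>/.apprc" into a fixed buffer. `home` is passed in instead of
 * read with getenv("HOME") so the oversized-HOME case can be tested offline. */
int build_rc_path(char *dst, size_t dstsz, const char *home)
{
    if (home == NULL || dstsz == 0) return -1;
    dst[0] = '\0';
    if (append_bounded(dst, dstsz, home) != 0) return -1;
    return append_bounded(dst, dstsz, "/.apprc");
}

/* Constructed check: a 16 kB HOME must be rejected (-1), never copied. */
int long_home_is_rejected(void)
{
    char path[64];
    char *home = calloc(16 * 1024 + 1, 1);  /* constructed oversized HOME */
    if (home == NULL) return 0;
    memset(home, 'A', 16 * 1024);
    int rc = build_rc_path(path, sizeof path, home);
    free(home);
    return rc == -1;
}
```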

