Beefy Boxes and Bandwidth Generously Provided by pair Networks
laziness, impatience, and hubris
 
PerlMonks  

Re: Code Inspections in Open Source projects

by john_oshea (Priest)
on Jan 17, 2008 at 10:58 UTC ( #662841=note: print w/ replies, xml ) Need Help??


in reply to Code Inspections in Open Source projects

Personally, no, but the OpenBSD people seem quite taken with the idea, and Coverity have, presumably to show how good their software is at certain types of analysis.


Comment on Re: Code Inspections in Open Source projects
Re^2: Code Inspections in Open Source projects
by mpeg4codec (Pilgrim) on Jan 17, 2008 at 18:04 UTC
    As the link above states, the OpenBSD team continuously systematically audits their software. However, as the BSDs have so much cross-pollination in their codebases, it ends up being an interesting hybrid approach. I can recall a few instances where bugs that slipped by OpenBSD's security reviewers were caught by folks on the NetBSD team doing non-systematic general reviews.

    If nothing else, it proves that more eyes on a piece of code leads to more secure code, systematic reviews or not, which is one of the real strengths of open source.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://662841]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (11)
As of 2014-09-22 15:22 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    How do you remember the number of days in each month?











    Results (198 votes), past polls