37 messages in org.freebsd.freebsd-archRe: Importing lukemftpd| From | Sent On | Attachments |
|---|---|---|
| Mike Heffner | Jul 16, 2001 6:24 pm | |
| Dima Dorfman | Jul 16, 2001 10:33 pm | |
| Dan Moschuk | Jul 17, 2001 10:22 am | |
| Kris Kennaway | Jul 17, 2001 10:35 am | |
| Mike Heffner | Jul 17, 2001 4:01 pm | |
| Mike Heffner | Jul 17, 2001 4:29 pm | |
| Greg Lehey | Jul 18, 2001 12:53 am | |
| Alfred Perlstein | Jul 18, 2001 1:04 am | |
| Dan Moschuk | Jul 18, 2001 11:50 am | |
| Dan Moschuk | Jul 18, 2001 11:51 am | |
| Mike Heffner | Jul 18, 2001 8:50 pm | |
| Kris Kennaway | Jul 19, 2001 2:33 am | |
| David O'Brien | Jul 19, 2001 11:21 am |  .patch, .patch |
| Kris Kennaway | Jul 19, 2001 12:29 pm | |
| Kris Kennaway | Jul 19, 2001 12:30 pm | |
| Mike Heffner | Jul 19, 2001 2:46 pm | |
| Mike Heffner | Jul 19, 2001 3:34 pm | |
| David O'Brien | Jul 19, 2001 3:54 pm | |
| David O'Brien | Jul 19, 2001 3:57 pm | |
| Mike Smith | Jul 19, 2001 4:04 pm | |
| Kris Kennaway | Jul 19, 2001 4:37 pm | |
| David O'Brien | Jul 19, 2001 8:30 pm | |
| David O'Brien | Jul 19, 2001 8:36 pm | |
| David O'Brien | Jul 19, 2001 8:39 pm | |
| Kris Kennaway | Jul 19, 2001 9:03 pm | |
| Terry Lambert | Jul 20, 2001 9:34 am | |
| Dima Dorfman | Jul 20, 2001 10:14 am | |
| David O'Brien | Jul 20, 2001 11:22 am | |
| Mike Heffner | Jul 21, 2001 9:11 pm | |
| Assar Westerlund | Jul 22, 2001 2:07 pm | |
| Warner Losh | Jul 23, 2001 3:20 pm | |
| Assar Westerlund | Jul 24, 2001 1:16 pm | .diff |
| Mike Heffner | Jul 24, 2001 5:55 pm | |
| Assar Westerlund | Jul 24, 2001 6:07 pm | |
| Mike Heffner | Jul 24, 2001 8:41 pm | |
| David O'Brien | Jul 27, 2001 10:19 am | |
| Kris Kennaway | Jul 27, 2001 12:07 pm |
| Subject: | Re: Importing lukemftpd | |
|---|---|---|
| From: | Kris Kennaway (kr...@obsecurity.org) | |
| Date: | Jul 27, 2001 12:07:32 pm | |
| List: | org.freebsd.freebsd-arch | |
On Fri, Jul 27, 2001 at 10:19:54AM -0700, David O'Brien wrote:
On Thu, Jul 19, 2001 at 09:03:33PM -0700, Kris Kennaway wrote:
You and John are being paid to work full-time on FreeBSD, and the projects you mentioned are projects you do during your >8 hours a day of paid FreeBSD hacking time. If you were working on these in your own time, say from 10pm at night after a hard day at work,
When we work >8 hours a day, we *are* working on XYZ in our own time. :-)
And the project thanks you for it ;-)
but the deeply embedded ones which rely on interactions between several different parts of the code. That requires someone to sit down for a week and really become intimate with the code, which isn't something that most people can do in their spare time for an hour or two here and there (which is why no-one's done this so far).
Who do you trust to do this review? Me? Anybody? Only members of the S.O. team? Any of the typical contributors to -audit? Surely given your stance on this issue, just anyone coming forward saying they've "audited" the code will appease you.
I'd want to be convinced that a thorough job has been spent looking for problems -- ultimately it comes down to someone I trust saying "I've gone through the code thoroughly and didn't find any more problems". A good indicator of this will probably be patches fixing problems in the code discovered during the audit :-)
Kris