Date: Tue, 12 Aug 2003 23:35:29 -0400 (EDT) From: Robert Watson <rwatson@freebsd.org> To: twig les <twigles@yahoo.com> Cc: security@freebsd.org Subject: Re: Certification (was RE: realpath(3) et al) Message-ID: <Pine.NEB.3.96L.1030812233402.71381B-100000@fledge.watson.org> In-Reply-To: <Pine.NEB.3.96L.1030812232612.71381A-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
The real upshot of all this, btw, is that security evaluation against the CC and related specs will have very little relationship to closing bugs associated with realpath(), et al. A source code auditing effort, funded or otherwise, would still be extremely useful, but the goal would have to be a more pragmatic "fewer bugs", and not a certification "Grade A Security" :-). Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1030812233402.71381B-100000>