Date: Tue, 22 Feb 2000 14:56:34 -0500 (EST)
From: "Chris D. Faulhaber"
To: Peter Jeremy
Cc: freebsd-audit@FreeBSD.ORG
Subject: Re: Software security scanner
In-Reply-To: <00Feb23.065008est.115215@border.alcanet.com.au>

On Wed, 23 Feb 2000, Peter Jeremy wrote:

> It sounds like a useful tool to find the bits of code that need to
> be studied in depth. Has anyone looked at it?

As a matter of fact, I have. See http://www.FreeBSD.org/~jedgar/its4.shar
for my preliminary port. It seems to be decent at showing possible
vulnerabilities, but doesn't always differentiate between real problems and
potential ones (e.g. proper and improper uses of sprintf). Even so, it does
make it easier to scan code than manually grepping, especially for those who
are not familiar with good programming techniques.

My only problem with the port is some ambiguity with their licensing WRT
commercial use...and not seeming to know the proper snprintf syntax in their
configure script :)

-----
Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org
--------------------------------------------------------
FreeBSD: The Power To Serve - http://www.FreeBSD.org
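An added illustration of the sprintf point made in the message above (example code, not from the thread, ITS4 or its port): the first function is a "proper" sprintf that a call-name scanner still flags, the second is the shape that does overflow with sprintf and is hardened with snprintf plus a truncation check. Function names and buffer sizes are assumptions chosen for the example.

```c
#include <stdio.h>
#include <string.h>

/* "Proper" use of sprintf: the output is bounded by construction. An int
 * formats to at most 11 characters ("-2147483648"), so a 16-byte buffer can
 * never overflow. A pattern-matching scanner still reports this line because
 * it only sees the function name, not the bound. (Hypothetical helper.) */
int port_to_string(int port, char out[16])
{
    return sprintf(out, "%d", port);
}

/* The shape that is a real problem with sprintf: two caller-supplied strings
 * of unknown length written into a fixed buffer. Hardened with snprintf, the
 * write is bounded and the return value (the length that would have been
 * written) tells us whether the result was truncated; we refuse rather than
 * silently proceed with a cut-off path. Returns the length, or -1 on
 * truncation or error. (Hypothetical helper.) */
int join_path(char *dst, size_t dstlen, const char *dir, const char *file)
{
    int n = snprintf(dst, dstlen, "%s/%s", dir, file);
    if (n < 0 || (size_t)n >= dstlen) {
        if (dstlen > 0)
            dst[0] = '\0';      /* leave no partial path behind */
        return -1;
    }
    return n;
}

int main(void)
{
    char num[16], path[16];

    port_to_string(-2147483647 - 1, num);
    printf("port: %s\n", num);

    if (join_path(path, sizeof path, "/tmp", "out.txt") < 0)
        puts("join_path: truncated");
    else
        printf("path: %s\n", path);

    if (join_path(path, sizeof path, "/usr/local/share", "x") < 0)
        puts("join_path: truncated (refused)");
    return 0;
}
```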