On Fri, Oct 25, 2002 at 10:10:06PM -0500, Drew Scott Daniels wrote: > > > > I hope a little duplication of effort isn't a problem, because I just > > started to create some webpages myself: > > > > http://www.steve.org.uk/Debian/ > > > "Debian rough audits" is at https://sourceforge.net/projects/debraudit/ , > but has almost nothing. I have a brief plan on the web site and a trove > description. I've been waiting until I had more time to investigate rough > auditing tools. I'd actually like to see a regular audit of all Debian > code similar to what it sounds that OpenBSD likes. Even if not being Debian-specific I just wanted to make you aware of an audit project for Linux-security related software available at Sardonix: https://sardonix.org/ Steve, I believe they already have a database ready for audits including popular programs. Why not cooperate with them and put the results of your audits in that site too? Maybe you could audit Debian-related packages and submit information both to them, to the upstream developers and to the Debian security team. Just my 2 cents. Regards Javi
Attachment:
pgpOIDq1mm89V.pgp
Description: PGP signature