phpgroupware-developers

[Phpgroupware-developers] Security proposal


From: Kai Hofmann
Subject: [Phpgroupware-developers] Security proposal
Date: Tue, 15 Jul 2003 11:29:51 +0200

Has somebody thought about trying

http://www.securesoftware.com/download_form_rats.htm

RATS - Rough Auditing Tool for Security - is an open source tool developed
and maintained by Secure Software security engineers. RATS is a tool for
scanning C, C++, Perl, PHP and Python source code and flagging common
security-related programming errors such as buffer overflows and TOCTOU
(Time Of Check, Time Of Use) race conditions.

The RATS scanning tool provides a security analyst with a list of potential
trouble spots on which to focus, along with describing the problem and
potentially suggesting remedies. It also provides a relative assessment of the
potential severity of each problem, to better help an auditor prioritize.
This tool also performs some basic analysis to try to rule out conditions
that are obviously not problems.

As its name implies, the tool performs only a rough analysis of source code.
It will not find every error and will also find things that are not errors.
Manual inspection of your code is still necessary, but greatly aided with
this tool.

RATS is free software. You may copy, distribute, and modify it under the
terms of the GNU Public License.


Greetings

   Kai


-- 
*****     Open Source and Linux in professional use      *****
**   complex mail servers, groupware, office: talk to us    **
Dipl.-Inform. Kai Hofmann              Software Solutions Team
pro|business AG, EXPO Plaza 1 (Deutscher Pavillon), 30539 Hannover
E-Mail: address@hidden,   Tel.: 0511/60066-332, Fax: -355
WWW: http://www.probusiness.de/
 



