phpgroupware-developers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Phpgroupware-developers] Security proposal

From: Dave Hall
Subject: Re: [Phpgroupware-developers] Security proposal
Date: Tue, 15 Jul 2003 19:39:44 +1000 
Cool, thanks for the tip.  I think this (or something similar) should go
into the release plan.

Cheers

Dave


Kai Hofmann <address@hidden> wrote:

> Has somebody thought about trying
> 
> http://www.securesoftware.com/download_form_rats.htm
> 
> RATS - Rough Auditing Tool for Security - is an open source tool 
> developedand maintained by Secure Software security engineers. 
> RATS is a tool for
> scanning C, C++, Perl, PHP and Python source code and flagging common
> security related programming errors such as buffer overflows and 
> TOCTOU(Time Of Check, Time Of Use) race conditions.
> 
> RATS scanning tool provides a security analyst with a list of 
> potentialtrouble spots on which to focus, along with describing 
> the problem, and
> potentially suggest remedies. It also provides a relative 
> assessment of the
> potential severity of each problem, to better help an auditor 
> prioritize.This tool also performs some basic analysis to try to 
> rule out conditions
> that are obviously not problems
> 
> As its name implies, the tool performs only a rough analysis of 
> source code.
> It will not find every error and will also find things that are 
> not errors.
> Manual inspection of your code is still necessary, but greatly 
> aided with
> this tool.
> 
> RATS is free software. You may copy, distribute, and modify it 
> under the
> terms of the GNU Public License.
> 
> 
> Greetings
> 
>   Kai
> 
> 
> -- 
> *****    Open Source und Linux im professionellen Einsatz    *****
> **  komplexe Mailserver, Groupware, Office: sprechen Sie uns an **
> Dipl.-Inform. Kai Hofmann                    Team Softwarelösungen
> pro|business AG, EXPO Plaza 1 (Deutscher Pavillon), 30539 Hannover
> E-Mail: address@hidden,   Tel.: 0511/60066-332, Fax: -355
> WWW: http://www.probusiness.de/
> 
> 
> 
> _______________________________________________
> Phpgroupware-developers mailing list
> address@hidden
> http://mail.gnu.org/mailman/listinfo/phpgroupware-developers
>

Attachment: dave.hall.vcf
Description: Card for <dave.hall@mbox.com.au>

reply via email to
[Prev in Thread] Current Thread [Next in Thread]