Security because of Open Source Software

* Source-code analysis *

* Security -> curiosity
o how is it designed?
o how is it coded: understand why, and give one's own point of view
o find potential security flaws
   - software without source code does not allow any of this

* Source code is reviewed by many motivated and diverse people (peer review)
o proprietary software companies can't achieve this level of review
o this is not a guarantee

* Examples:
o Trojan in tcp_wrapper, security flaw in ssh v1

*********************************************************************
HSC ® © Hervé Schauer Consultants 1997-2000 - 4bis, rue de la Gare -  F-92300 Levallois-Perret -  France
Phone : +33 141 409 700 - Fax : +33 141 409 709 - Email : <secretariat@hsc.fr>
- Page 11 -