Re: sendmail trojan

From: Alexandros Papadopoulos (apapadop@cmu.edu)
Date: 10/18/02


From: Alexandros Papadopoulos <apapadop@cmu.edu>
To: "Stephane Nasdrovisky" <stephane.nasdrovisky@uniway.be>
Date: Fri, 18 Oct 2002 11:29:31 -0400

That's exactly my point. Who does the code review? You, the final user of the
product? No way! You implicitly trust the supplier to do that for you. Or
does your company employ an army of programmers that take apart all source
files of any application you compile and review its functionality?

> Haven't you ever heard of code review? It's part of any decent software
> development process.
>
> Alexandros Papadopoulos wrote:
> > Frankly, even if the trojan was enclosed in <blink></blink> statements,
> > in 80,000 lines of code it would be lost. It's not feasible for one
> > single coder to proofread everything he/she compiles. You have to
> > implicitly trust the coder/maintainer/distributor, I see no other way.

-A
-- 
http://www.andrew.cmu.edu/~apapadop/pub_key.asc