> So when Joe Blow clicks on (say) src->bin->cat he'll find that
> (say) markm eyeballed the code and kris diffed it with OpenBSD
> and merged in <blah> fixes - "cat now considered safe".

Until the next commit to cat.

A security review is never done.  We need to be in a mode where every
commit is suspect and people are compelled to review it.  BDE's use of
CTM to review changes is actually rather effective in this regard.

-- 
-- David    ([EMAIL PROTECTED])

