Firewall Wizards mailing list archives

Re: FWTK and smap/smapd


From: Darren Reed <darrenr () reed wattle id au>
Date: Fri, 19 Jul 2002 14:05:27 +1000 (EST)

In some email I received from Marcus J. Ranum, sie wrote:
[...]
> I don't think audit works: there are more bad programmers than good
> programmers.  So to audit all the code we'd have to stand down all
> the good programmers - who are the guys who get all the useful coding
> done anyhow. The entire software industry would collapse. Legend is
> this may already have happened.

While some may think the point I'm about to make is an example of how
audit works, I think it shows quite clearly that it is "not enough".

Earlier in the year, a bug showed up in mail(1) on OpenBSD.  This
particular bug was OpenBSD specific.  Why?  Because someone changed
some code and reenabled this particular "feature".  That this change
made it into a general release shows that while they may audit reams
of code, they don't audit their own changes very well (hence all of
the OpenSSH bugs from "new features") before 'approving' them for
general consumption by the public.  When I dared to cross-examine them
on this, nobody seemed particularly concerned and nothing was going
to change in their software development methodology/life cycle.

Audit fixes a bug once, it does nothing to make sure it stays fixed
and it is an awfully big waste of time to have to reaudit stuff all
the time.

Darren

p.s. The0 will hate you for not liking his "audit works" drugs :)
p.p.s. Given the above I'd be inclined to take the Open*** crew of
programmers out of the "good" pool, making it somewhat smaller.