[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [RFC] QEMU Code Audit Team
From: |
Zhi Yong Wu |
Subject: |
Re: [Qemu-devel] [RFC] QEMU Code Audit Team |
Date: |
Tue, 10 Jan 2012 11:31:14 +0800 |
On Fri, Jan 6, 2012 at 11:19 PM, Anthony Liguori <address@hidden> wrote:
> Hi,
>
> I had an idea I wanted to share and see what level of interest there was in
> participating and if anyone knows of a process that other projects follow
> for this.
>
> I'd like to start a more formal and transparent security audit of QEMU. The
> way I'd imagine it working is something like this:
>
> 1) People volunteer to be part of the audit team
>
> 2) Two people walk through a particular piece of code and independently flag
> anything that looks like a potential security issue.
>
> 3) Two people independently review everything that's flagged to see if
> there's a security issue.
>
> Step (3) is something that requires a fairly deep understanding of QEMU but
> step (2) is probably something that a lot of people could participate in.
>
> I'd want to focus initially on the common PC devices. The list isn't all
> that large and a review like this should only take a few hours to complete
> each step.
>
> Would folks be interested in participating in something like this? If so, I
> can start organizing it.
If could, i would like to be one volunteer.
>
> Regards,
>
> Anthony Liguori
>
>
--
Regards,
Zhi Yong Wu
- Re: [Qemu-devel] [RFC] QEMU Code Audit Team, (continued)
- Re: [Qemu-devel] [RFC] QEMU Code Audit Team, Peter Maydell, 2012/01/06
- Re: [Qemu-devel] [RFC] QEMU Code Audit Team, Stefan Hajnoczi, 2012/01/07
- Re: [Qemu-devel] [RFC] QEMU Code Audit Team, Kevin Wolf, 2012/01/11
- Re: [Qemu-devel] [RFC] QEMU Code Audit Team, Anthony Liguori, 2012/01/10
- Re: [Qemu-devel] [RFC] QEMU Code Audit Team, Kevin Wolf, 2012/01/11
- Re: [Qemu-devel] [RFC] QEMU Code Audit Team, Andreas Färber, 2012/01/10
- Re: [Qemu-devel] [RFC] QEMU Code Audit Team, Peter Maydell, 2012/01/10
- Re: [Qemu-devel] [RFC] QEMU Code Audit Team, Andreas Färber, 2012/01/10
- Re: [Qemu-devel] [RFC] QEMU Code Audit Team, Kevin Wolf, 2012/01/11
- Re: [Qemu-devel] [RFC] QEMU Code Audit Team, Anthony Liguori, 2012/01/10
Re: [Qemu-devel] [RFC] QEMU Code Audit Team,
Zhi Yong Wu <=