[dovecot] Re: security audit of the code
seth vidal
skvidal at phy.duke.edu
Tue Jan 14 00:18:10 EET 2003
On Mon, 2003-01-13 at 17:16, seth vidal wrote:
> On Mon, 2003-01-13 at 17:12, Timo Sirainen wrote:
> > On Mon, 2003-01-13 at 23:30, seth vidal wrote:
> > > Timo,
> > > I know that you're taking an effort to make sure that dovecot is
> > > written securely, but I was wondering if you've asked any third party to
> > > audit the code yet. I don't have the skills necessary to do this but I
> > > bet there is someone out there who does and might be willing to do so.
> >
> > I don't really know who or where to ask. I'd be interested of getting
> > people to audit Dovecot too.
> >
>
>
> Would it be reasonable to ask on bugtraq?
>
> What about Chris Evans? - he wrote vsftpd and audited a bunch of Red
> Hat's releases iirc. Maybe worth bugging him to see if he'd be willing
> to look it over?
>
heh the above should read:
He wrote vsftpd and audited a variety of programs, and one of Red Hat's
releases iirc.
<sigh>
-sv
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://dovecot.org/pipermail/dovecot/attachments/20030113/d892d2ec/attachment-0003.bin>
More information about the dovecot
mailing list