[dovecot] Re: security audit of the code
Farkas Levente
lfarkas at bnap.hu
Tue Jan 14 00:59:52 EET 2003
seth vidal wrote:
> On Mon, 2003-01-13 at 17:12, Timo Sirainen wrote:
>
>>On Mon, 2003-01-13 at 23:30, seth vidal wrote:
>>
>>>Timo,
>>> I know that you're taking an effort to make sure that dovecot is
>>>written securely, but I was wondering if you've asked any third party to
>>>audit the code yet. I don't have the skills necessary to do this but I
>>>bet there is someone out there who does and might be willing to do so.
>>
>>I don't really know who or where to ask. I'd be interested of getting
>>people to audit Dovecot too.
>>
>
>
>
> Would it be reasonable to ask on bugtraq?
>
> What about Chris Evans? - he wrote vsftpd and audited a bunch of Red
> Hat's releases iirc. Maybe worth bugging him to see if he'd be willing
> to look it over?
if he do that, than everybody accept it as "secure"..
--
Levente http://petition.eurolinux.org/index_html
"The only thing worse than not knowing the truth is
ruining the bliss of ignorance."
More information about the dovecot
mailing list