[Gnueval-security] Info & initial security evaluation form


From: Brandon Invergo
Subject: [Gnueval-security] Info & initial security evaluation form
Date: Mon, 18 Nov 2013 22:25:08 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.3 (gnu/linux)

Hi everyone,

Thanks again for volunteering to evaluate new packages for security
problems!  This is a private list to be used by you as needed during the
evaluations.  For your reference, the current members are:

Christian Grothoff (address@hidden)
Niels Möller (address@hidden)
Stephen Dawson (address@hidden)

So, to review the basic procedure: developers submit their packages to
address@hidden for evaluation.  One of the other evaluators or I
will do a general review of the code (project structure, philosophical
compatibility, adherence to coding standards, etc.).  We will then pass
it on to rms.  He will either dub it a GNU package directly or he will
return it to us with some questions or issues, one of which might be
security-related.  It's at this point that I will pass the package to
this list for you to look at.  There may also be cases where it is
obvious to us that the package should be reviewed by you, in which case
we'll send it directly to you.

You'll then review the code and work with the author as necessary to
improve the software.  When everything is ok, you'll fill out a security
evaluation form, sign it with GPG (clearsign should be fine) and return
it to the original evaluator, who will then include it when
re-submitting to rms.  Below, I've attached a very rough draft of an
evaluation form.  I'm sure you guys have much better ideas of what
should be there but hopefully the draft should be a start.

If you have any suggestions for how to improve this process or if you
need anything clarified, please let me know.  

I can't predict how much time will pass before we need a security
evaluation, so please just keep an eye on this list!

Thanks again.

Cheers,
Brandon

GNU Security Evaluation Report
=============================================================================
* General info

** Program name and version:

** Requested by:

** Message-ID:

** Evaluator:

=============================================================================
* High-level design

** Is the program designed with good security practices in mind?

** Please describe a threat model for the program

** Is there any academic support for the security of the design?

** If the purpose of the program is security-related, does the overall
   design reflect a sound solution to the problem that it tries to
   solve?

** Are any encryption techniques used by the program?  If so, are they
   sound and recommendable techniques?

=============================================================================
* Coding practices

** Has the code shown evidence of practices that might harm security
   (e.g. poor memory management, insufficient user input
   sanitization, etc.)?

** Has the author demonstrated an understanding of any security holes
   in their code when presented with them?  Can he/she be reasonably
   expected to avoid similar problems in the future?

=============================================================================
* Notes and comments during evaluation
  (Email exchange with author(s), evaluator(s), RMS, etc.)


=============================================================================
* Status: (open | working | closed)


** Activity Log:

Attachment: pgpOTWzAERStg.pgp
Description: PGP signature

