[Phpgroupware-developers] Security proposal
From: Kai Hofmann
Subject: [Phpgroupware-developers] Security proposal
Date: Tue, 15 Jul 2003 11:29:51 +0200

Has somebody thought about trying
http://www.securesoftware.com/download_form_rats.htm ?

RATS - Rough Auditing Tool for Security - is an open source tool developed
and maintained by Secure Software security engineers. RATS is a tool for
scanning C, C++, Perl, PHP and Python source code and flagging common
security related programming errors such as buffer overflows and TOCTOU
(Time Of Check, Time Of Use) race conditions.

RATS scanning tool provides a security analyst with a list of potential
trouble spots on which to focus, along with describing the problem, and
potentially suggest remedies. It also provides a relative assessment of the
potential severity of each problem, to better help an auditor prioritize.
This tool also performs some basic analysis to try to rule out conditions
that are obviously not problems.

As its name implies, the tool performs only a rough analysis of source code.
It will not find every error and will also find things that are not errors.
Manual inspection of your code is still necessary, but greatly aided with
this tool.

RATS is free software. You may copy, distribute, and modify it under the
terms of the GNU Public License.

Greetings
Kai
--
***** Open Source and Linux in professional use *****
** complex mail servers, groupware, office: talk to us **
Dipl.-Inform. Kai Hofmann, Software Solutions Team
pro|business AG, EXPO Plaza 1 (Deutscher Pavillon), 30539 Hannover
E-Mail: address@hidden, Tel.: 0511/60066-332, Fax: -355
WWW: http://www.probusiness.de/