[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-hackers] Re: [Savane-dev] Savane cannot be made secure enough
|
From: |
Lorenzo Hernandez Garcia-Hierro |
|
Subject: |
[Savannah-hackers] Re: [Savane-dev] Savane cannot be made secure enough |
|
Date: |
Sat, 10 Apr 2004 17:35:16 +0200 |
Hi Mathiu,
> Apparently. But, as I said, "no reason [...] has ever been mentioned
> publicly".
>
> Looks like SCO claiming that source code has been stolen. Unless
> you have an explicit statement, you cannot do anything against that
> claim.
>
> Unless a public claim about Savane security is made, I will not
> consider that reason seriously -- because there is no reason to do
> otherwise. And if such a claim is made, I expect it to come with
> serious arguments, strong enough to justify the desire to spend time
> to trash the tool instead of fixing it.
There aren't ( in my opinion ) strong enough comments and arguments
to trash Savane ( old Savannah ) and change it with Gforge , and , if
somebody
says: " Savane is not secure enough" i'll take care of auditing GForge and
providing the results publicly , i don't want to do that but , if i can help
Savane ( and GNU )
for preventing a false-sense of security i'll do it , GForge shares some of
the vulnerable
points that Savane has fixed yet because the original code is SF 2.0 .
Independant of security risks , Savane is completely developed for provide
full quality service,
as the service of GNU Savannah , completely pointed at free software
projects.
> In the meantime, the statement "Savane cannot be made secure enough"
> is just totally meaningless. Some people call that FUD, and reasons
> that could lead people to spread such FUD remains to be analysed.
We need the deoFUDscator v. cvs-20041204.
:)
Cheers.