[torquedev] Interest in submitting Torque to Coverity Scan ?

Ken Nielson knielson at adaptivecomputing.com
Tue Mar 8 17:02:14 MST 2011


It looks like TORQUE would be a good candidate to get a for profit exception.

I would be very interested in knowing what our vulnerabilities are.

Ken

----- Original Message -----
From: "Chris Samuel" <samuel at unimelb.edu.au>
To: torquedev at supercluster.org
Sent: Tuesday, March 8, 2011 3:48:34 PM
Subject: [torquedev] Interest in submitting Torque to Coverity Scan ?

Hi folks,

Coverity Scan is a static code analysis tool (closed source)
which provides a free service to qualifying projects to have
their code analysed for security bugs.  Projects like Open-MPI,
Apache, etc, already use this service.

According to the FAQ:

 http://scan.coverity.com/developers-faq.html

projects that are maintained by for-profit corporations
are included at Coverity's discretion, projects maintained
by individuals or non-profits are automatically eligible.

The Open-MPI people have kindly documented how they
interact with Coverity (page uses self-signed cert):

 https://svn.open-mpi.org/trac/ompi/wiki/Coverity

They've got a good reputation for finding security bugs
and I believe it could be a good tool for Torque.

Thoughts ?

cheers!
Chris
-- 
Christopher Samuel          Senior Systems Administrator
VLSCI - Victorian Life Sciences Computational Initiative
Email: samuel at unimelb.edu.au Phone: +61 (0)3 903 55545
          http://www.vlsci.unimelb.edu.au/
_______________________________________________
torquedev mailing list
torquedev at supercluster.org
http://www.supercluster.org/mailman/listinfo/torquedev


More information about the torquedev mailing list