[torquedev] Interest in submitting Torque to Coverity Scan ?
Ken Nielson
knielson at adaptivecomputing.com
Tue Mar 8 17:02:14 MST 2011
It looks like TORQUE would be a good candidate to get a for profit exception.
I would be very interested in knowing what our vulnerabilities are.
Ken
----- Original Message -----
From: "Chris Samuel" <samuel at unimelb.edu.au>
To: torquedev at supercluster.org
Sent: Tuesday, March 8, 2011 3:48:34 PM
Subject: [torquedev] Interest in submitting Torque to Coverity Scan ?
Hi folks,
Coverity Scan is a static code analysis tool (closed source)
which provides a free service to qualifying projects to have
their code analysed for security bugs. Projects like Open-MPI,
Apache, etc, already use this service.
According to the FAQ:
http://scan.coverity.com/developers-faq.html
projects that are maintained by for-profit corporations
are included at Coverity's discretion, projects maintained
by individuals or non-profits are automatically eligible.
The Open-MPI people have kindly documented how they
interact with Coverity (page uses self-signed cert):
https://svn.open-mpi.org/trac/ompi/wiki/Coverity
They've got a good reputation for finding security bugs
and I believe it could be a good tool for Torque.
Thoughts ?
cheers!
Chris
--
Christopher Samuel Senior Systems Administrator
VLSCI - Victorian Life Sciences Computational Initiative
Email: samuel at unimelb.edu.au Phone: +61 (0)3 903 55545
http://www.vlsci.unimelb.edu.au/
_______________________________________________
torquedev mailing list
torquedev at supercluster.org
http://www.supercluster.org/mailman/listinfo/torquedev
More information about the torquedev
mailing list