On Fri, Sep 20, 2013 at 11:01 AM, Tristan Santore <tristan.santore@xxxxxxxxxxxxxxxxxxxxx> wrote:
On 20/09/13 09:44, Loïc Maury wrote:
Hello Loic,

Hello,
My name is Loïc Maury, I am a C/C++/Python/Haskell programmer, and
I am trying to contribute to the Fedora Project.
I have spoken with some people from Fedora (Infrastructure), and it seems
I can help with this project.
I have some experience with code audit/functional testing (job and
personally),
static analysis tools, security programming.
I hope I will be able to help and contribute.
Thank you
Loïc Maury
security mailing list
security@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/security
Florian and Eric seem to be doing most of the C/C++ stuff. Our Python defensive coding section is only one page. Maybe that would be a good place to start?
As I mentioned yesterday on list, it would be nice to cover a variety of topics with pitfalls, even generic stuff like how to do efficient, safe input validation, including with Unicode/ASCII issues, regexp pitfalls. Different examples would be great. I suspect many people also use databases, so maybe a few examples for doing input and output validation with proper logging would also be useful to the community of aspiring pythonians. I am sure there are loads more topics I cannot think of at the moment. Maybe covering XML, JSON/YAML verification, hashing, TLSing (?).... loads more out there.
OK, I didn't know that we have a project about a security handbook. I didn't find it in the fedoraproject wiki?
Otherwise, I am less fluent in Python than in C/C++, but I think I can help.
The idea is to write some sample code of "how I can do this task with my code safely"?
Thank you
Loïc Maury
I personally think there is too little good practical information out there, which is why we need a community guide. Maybe soon, then, we can have multiple people doing improvements and peer review, to make this guide a very good starting point for programmers wanting to learn good implementation methodology.
Thank you very much for volunteering.
Of course, this is just a suggestion, not a tasking. So do whatever you would like to do; maybe there is something in the C/C++ guide you see that also needs improving or adding.
Any help is appreciated! Maybe you know a few others that would be willing to help out.
Keep in mind, this is a community guide, even though it might be branded as a Fedora guide, it is still a major benefit to the FOSS community as a whole.
Thank you again.
Regards,
Tristan
--
Tristan Santore BSc MBCS
TS4523-RIPE
Network and Infrastructure Operations
InterNexusConnect
Mobile +44-78-55069812
Tristan.Santore@internexusconnect.net
Former Thawte Notary
(Please note: Thawte has closed its WoT programme down,
and I am therefore no longer able to accredit trust)
For Fedora related issues, please email me at:
TSantore@xxxxxxxxxxxxxxxxx