On Thu, 13 Aug 2009 09:38:27 +0800 Paul Wise <p...@debian.org> wrote:
> > There are no security threats that the package can expose directly. > > This is a simple, non-setuid program. There are no configuration > > files with permission issues. No files are ever created directly. > > No network connections are established. > > Ok. Did you try fuzzing the inputs to the program? By using /dev/urandom, and trying with the different parsing options. All you get is noise ;) > One more thing, is there a non-interactive test suite? This would be > useful to ensure that it works on all the platforms where it builds. Unfortunately no. I would have no idea how to test a 100% graphical application. -- To UNSUBSCRIBE, email to debian-mentors-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
