On 01/06/2012 10:19 AM, Anthony Liguori wrote:
Hi,

I had an idea I wanted to share and see what level of interest there was
in participating and if anyone knows of a process that other projects
follow for this.

I'd like to start a more formal and transparent security audit of QEMU.
The way I'd imagine it working is something like this:

1) People volunteer to be part of the audit team

2) Two people walk through a particular piece of code and independently
flag anything that looks like a potential security issue.

3) Two people independently review everything that's flagged to see if
there's a security issue.

Step (3) is something that requires a fairly deep understanding of QEMU
but step (2) is probably something that a lot of people could
participate in.

I'd want to focus initially on the common PC devices. The list isn't all
that large and a review like this should only take a few hours to
complete each step.

Would folks be interested in participating in something like this? If
so, I can start organizing it.

Regards,

Anthony Liguori

Count me in for step 2. A good approach may be to run a static analysis tool against the code, followed by a manual scan of the code for common vulnerabilities that static analysis can't find.

--
Regards,
Corey


Reply via email to