This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: Coverity scan?
- From: Dan Kegel <dank at kegel dot com>
- To: Roland McGrath <roland at hack dot frob dot com>
- Cc: "Carlos O'Donell" <carlos at redhat dot com>, libc-alpha <libc-alpha at sourceware dot org>
- Date: Wed, 1 May 2013 09:59:32 -0700
- Subject: Re: Coverity scan?
- References: <CAPF-yOZ+b-SpGrZiQh-S7iYGahyNbnrwc_4ar1241jtb8b1yoQ at mail dot gmail dot com> <51808765 dot 8020904 at redhat dot com> <20130501164653 dot 785252C096 at topped-with-meat dot com> <CAPF-yObz1P4vEv0GnNQ-vr12rVp8VO0w0yVv3FioHOJq=_O4Sw at mail dot gmail dot com> <20130501165315 dot 251852C098 at topped-with-meat dot com>
On Wed, May 1, 2013 at 9:53 AM, Roland McGrath <roland@hack.frob.com> wrote:
>> I suppose it's worth another look. Anyone else interested in access?
>
> I don't know how that system works. What kind of access do you mean?
> I'd hope the results are available to everybody so random volunteers
> can just go look and follow up with bug reports or code changes.
Once there's a "scan admin", he can add any "project member" to the access list.
(Presumably that's anyone who has done anything useful for glibc.)
Users on the access list have to agree not to use the data for anything but
filing or fixing bugs in the open source project. If it's a security bug,
the bug has to be handled responsibly, i.e. no public details until it's fixed.
See
http://scan.coverity.com/developers-faq.html
http://scan.coverity.com/faq.html
http://scan.coverity.com/policy.html