[openstack-dev] [OSSG] Best tool for simple security gate

Travis McPeak Travis_McPeak at symantec.com
Thu Jun 19 18:33:26 UTC 2014


Sorry for quoting the entire previous digest, twas a noob mistake.

Thanks,
  -Travis




On 6/19/14, 11:22 AM, "openstack-dev-request at lists.openstack.org"
<openstack-dev-request at lists.openstack.org> wrote:

>Message: 33
>Date: Thu, 19 Jun 2014 11:21:24 -0700
>From: Travis McPeak <Travis_McPeak at symantec.com>
>To: "openstack-dev at lists.openstack.org"
>	<openstack-dev at lists.openstack.org>
>Subject: Re: [openstack-dev] [OSSG] Best tool for simple security gate
>	checks
>Message-ID: <CFC8760C.40EB%travis_mcpeak at symantec.com>
>Content-Type: text/plain; charset="Windows-1252"
>
>Hi all,
>
>In the OpenStack Security Group (OSSG) we've been kicking around the idea
>of getting some simple non-blocking security-related gate tests going.
>These tests would be designed to be simple and automated checks for
>low-hanging fruit such as the use of "Shell=True".  The main goal is to
>have these be as noiseless as possible (a low rate of false positives).
>The hope is that if these are useful and unobtrusive enough, when they
>actually do fail, people will take note.
>
>We will start off small, with maybe one simple gate test, and expand later
>if it proves to be useful.  We plan to test heavily internally, and then
>start requesting integration into projects later.
>
>My question is: what is the best tool for the job?  I have heard Pylint
>and Hacking mentioned.  Are there any others?
>
>Thanks,
>  -Travis
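
As an added illustration (not part of this thread and not OSSG code), a check of the kind described in the quoted message could walk the Python AST and report only calls that pass a literal `shell=True`, so that comments, strings and `shell=False` produce no noise. The function names and the sample source are constructed for this example.

```python
import ast

# Constructed sample input; the names in it (path, cmd, utils) are never resolved.
SAMPLE = '''\
import subprocess
# shell=True in a comment must not be reported
subprocess.call(["ls", "-l"])
subprocess.Popen("ls " + path, shell=True)
msg = "pass shell=True with care"
subprocess.check_output(cmd, shell=False)
utils.execute(cmd,
              shell=True)
subprocess.call(cmd, shell=use_shell)
'''


def dotted_name(node):
    """Render the callee of a call, e.g. subprocess.Popen, for the report."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    parts.append(node.id if isinstance(node, ast.Name) else "<expr>")
    return ".".join(reversed(parts))


def find_shell_true(source, filename="<string>"):
    """Return sorted (line, callee) pairs for calls passing a literal shell=True."""
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        if not isinstance(node, ast.Call):
            continue
        for kw in node.keywords:
            # Only the constant True is reported. A variable (shell=use_shell)
            # is skipped on purpose: it trades some coverage for fewer
            # false positives.
            if (kw.arg == "shell" and isinstance(kw.value, ast.Constant)
                    and kw.value.value is True):
                findings.append((node.lineno, dotted_name(node.func)))
    return sorted(findings)


if __name__ == "__main__":
    # Non-blocking use: print what was found and leave the exit status alone.
    for line, callee in find_shell_true(SAMPLE):
        print("line %d: %s(..., shell=True)" % (line, callee))
```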



