[Openstack-security] Security Anti-Patterns

Thierry Carrez thierry at openstack.org
Fri May 30 08:25:53 UTC 2014


Kurt Seifried wrote:
> On 05/29/2014 12:47 AM, Clark, Robert Graham wrote:
>> I certainly share your frustration, I think the idea with the 
>> anti-patterns is to document the things that get done badly most
>> often in OpenStack and format them in a way that's easily
>> consumable by core devs and PTLs. The list should be short enough
>> that they can refer back to it while reviewing new features.
> 
>> It's not going to fix anything on its own but anything we can do
>> to help developers not make the same mistakes which, as you point
>> out, have been made for the last 20 years - is a good thing.
> 
>> -Rob
> 
> So a concrete example, I wrote this in 2012? Nothing new, all this
> goes back a few decades:
> 
> https://kurt.seifried.org/2012/03/14/creating-temporary-files-securely/
> 
> Then I checkout all the source code:
> [...]

Yes, it's frustrating. We run those greps from time to time, fix stuff,
but then some new ones are added, or some new component appears with its
own share.

Ideally we would write a hacking-style test that we would gate against
(to prevent reintroduction) and run those greps at incubation time (to
prevent new components from inserting them).

The problem is, to make it part of gating we'd have to come up with an
automated detection that would be right most of the time (and that you
can actively disable in remaining cases). However we receive a lot of
automated reports at the VMT lately, and more than half of them are
actually shallow and do not represent a real vulnerability -- automated
detection is hard.

So this is not a simple problem.

-- 
Thierry Carrez (ttx)
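The thread asks for a hacking-style check that flags the insecure temporary-file calls from the linked post, is "right most of the time", and can be switched off on a specific line where a reviewer has a justified exception. The following is an added example written for this page, not OpenStack's hacking plugin or any code from the thread: it walks a module's AST, reports the calls listed in a hypothetical rule table (`tempfile.mktemp`, `os.tempnam`, `os.tmpnam`), and skips any line carrying a `# noqa: tmpfile` marker. The check id `S001`, the marker text and the sample module are constructed for the example.

```python
"""Added example: a hacking-style check for insecure temporary-file calls.

Illustrative code for this page, not OpenStack's hacking plugin. It scans
Python source with the ast module, flags the name-only temp-file calls the
linked post warns about, and lets a reviewer opt out of one line with a
'# noqa: tmpfile' comment so the check can gate without blocking every
justified exception.
"""
import ast

# Calls treated as insecure: they hand back a filename and leave creation to
# the caller, which leaves a window for someone else to create that name
# first. Hypothetical rule table for this example, not OpenStack's.
INSECURE_CALLS = {
    ("tempfile", "mktemp"),
    ("os", "tempnam"),
    ("os", "tmpnam"),
}

# Per-line opt-out marker (constructed for this example).
OPT_OUT_MARKER = "# noqa: tmpfile"


def _dotted_name(node):
    """Return ('module', 'attr') for a call written as module.attr(...)."""
    func = node.func
    if isinstance(func, ast.Attribute) and isinstance(func.value, ast.Name):
        return (func.value.id, func.attr)
    return None


def find_insecure_tempfiles(source, filename="<string>"):
    """Return (lineno, message) tuples for insecure temp-file calls.

    Lines carrying OPT_OUT_MARKER are skipped, so a reviewer can keep one
    justified exception without disabling the whole check.
    """
    lines = source.splitlines()
    findings = []
    for node in ast.walk(ast.parse(source, filename)):
        if not isinstance(node, ast.Call):
            continue
        name = _dotted_name(node)
        if name not in INSECURE_CALLS:
            continue
        if OPT_OUT_MARKER in lines[node.lineno - 1]:
            continue
        findings.append(
            (node.lineno, f"S001 insecure temporary file: {name[0]}.{name[1]}()")
        )
    return findings


# Constructed sample module: one offending call, one opted out, one safe.
SAMPLE_SOURCE = '''\
import os
import tempfile

def bad():
    path = tempfile.mktemp()        # name chosen, file not created yet
    with open(path, "w") as f:
        f.write("x")

def tolerated():
    path = os.tempnam()  # noqa: tmpfile
    return path

def good():
    fd, path = tempfile.mkstemp()   # created atomically, mode 0600
    with os.fdopen(fd, "w") as f:
        f.write("x")
    return path
'''

if __name__ == "__main__":
    for lineno, msg in find_insecure_tempfiles(SAMPLE_SOURCE):
        print(f"{lineno}: {msg}")
```

Run against `SAMPLE_SOURCE` the check reports only line 5. It deliberately matches on the `module.attr` spelling and nothing else, so `from tempfile import mktemp` followed by a bare `mktemp()` slips through; that narrowness is the trade-off the thread describes, a gate that is right most of the time and cheap to keep quiet where it is wrong, rather than a detector that tries to catch everything and floods reviewers with shallow reports.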
