Hi,
Slightly off topic, but I've been hearing on and off about automated apps that search c source code for "gross violations" of a security nature (improper buffer checking comes to mind here) in the so called underworld. Is there such a thing, and would it be something that SuSE would provide for all the folk who don't necessarily use RPMs for everything?
I think you may be referring to Slint. See: http://www.lopht.com/slint.html
slint is vaporware and does not exist. the l0pht guys announced it - I think - 2 years ago, and every year I'm trying again to buy it (it's payware) but I get always the same reply: "it's not there yet, we will contact you when it's ready" ... *sigh* sourcecode audits are not easy to do by a tool anyway. programs are that complex that you need a human being to see through it. tools can only help/support. Greets, Marc -- E@mail: marc@suse.de Function: Security Support & Auditing "lynx -source http://www.suse.de/~marc/marc.pgp | pgp -fka" Key fingerprint = B5 07 B6 4E 9C EF 27 EE 16 D9 70 D4 87 B5 63 6C