I think we need a vetting process for new software that developers want to
include with FreeDOS. I'm glad that people are asking to be included, but
there is a certain level of review that we should be doing.
- The source code should be reviewed for obvious problems; back doors and
security problems, unsafe code that might trash files, etc.
- The program should do what it advertises to do. As an example, an
encryption program should provide a reasonable level of encryption. (No
code based on a simplistic cipher should be allowed to call itself
"encryption.")
- The build environment and instructions should be fully explained so that
others can easily rebuild and verify the executable.
If we get enough volunteers to review code that becomes a great way to pass
down the tribal knowledge. It would also help to ensure that the FreeDOS
repositories do not become a new form of wild and crazy shareware library.
Mike
------------------------------------------------------------------------------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn.
Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant.
http://p.sf.net/sfu/gigenet
_______________________________________________
Freedos-devel mailing list
Freedos-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/freedos-devel
