On Mon, Jan 4, 2010 at 6:00 PM, Alex Gaynor <[email protected]> wrote:
> So, thinking out loud here, I know the DSF has a policy of hands of in
> the development of Django, but I was thinking (out loud) that perhaps
> it would be sensible for the DSF to hire someone to do a security
> audit of some of this stuff. I have 0 clue about the particulars of
> how anything like that works, but it was just a thought that occurred
> to me.
>
To be honest I prefer the distributed approach ("the more eyes the better")
of sending the code out to be reviewed by volunteers on various
security-related lists. I suppose the two could be combined, but I'd hate
to see a paid person in any way decrease the efforts of volunteers (or our
motivation to find such volunteers). Just my two cents.
Cheers
Tobias
--
Tobias McNulty
Caktus Consulting Group, LLC
P.O. Box 1454
Carrboro, NC 27510
(919) 951-0052
http://www.caktusgroup.com
--
You received this message because you are subscribed to the Google Groups
"Django developers" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/django-developers?hl=en.
