On Thu, Jul 01, 2004 at 06:09:05AM -0400, [EMAIL PROTECTED] created magic using only numbers: > On Wed, 30 Jun 2004 21:08:27 CDT, Paul Schmehl <[EMAIL PROTECTED]> said: > > > I attended a presentation yesterday for a security product in the > > application firewall field. During the presentation, the CISSP stated that > > "in every 1000 lines of code there will be 15 errors". > > Actually, I suspect most coders are *worse* than that.
You may be right, but your calculations are an order of magnitude off. :) > Sendmail 8.13.0 weighs in at just about 90K lines of C code for > the main program. By that metric, there should only have been 135 > bugs in it. In fact, there are 441 occurrences of 'Problem noted by' > in the release notes. Maybe you were not really awake yet (look at the Date header!), but if its 15 errors/KLOC, then 90K lines of code should have 90*15=1350 bugs, not 9*15=135. You made the same mistake with BIND. I do not like those two pieces of software, but this time you showed that the Sendmail/BIND people are better than the average programmer. Akos -- Akos Szalkai <[EMAIL PROTECTED]> Principal IT Consultant, CISA 2F 2000 Szamitastechnikai es Szolgaltato Kft. Tel: (+36-1)-4887700 Fax: (+36-1)-4887709 WWW: http://www.2f.hu/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
