Hello,
I'd like to discuss a long-standing open question about about using
external, widely-used libraries in favour of self-maintained copies or
self-brewn implementations.
I am aware that there is no simple answer.
Among others, the discussion was avout the glib librarary of
the GNOME project. It offers several utility functions e.g. for
hashed data storages or command line parsing to name only two
of them. The code base of OpenVAS could be reduced by using
the functions of glib. Of course, adding further libraries
adds potential security problems. On the other hand, code review is
shared with a much larger developer/user group for widely used external
libraries.
I'd like to hear some opinions about this question.
What strategy should OpenVAS follow?
Are there already noteworthy articles about this question (as it
is absolutely not OpenVAS-specific)?
Best
Jan
--
Dr. Jan-Oliver Wagner Intevation GmbH, Osnabrück
Amtsgericht Osnabrück, HR B 18998 http://www.intevation.de/
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
_______________________________________________
Openvas-discuss mailing list
Openvas-discuss@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
