When one has an audited code that is deemed secure, a diff is created against the newer code.
Then, the results are examined for changes. These changes are then
analysed manually, if practical, so avoiding looking at the entire code again.
Which might help in finding the smaller, newer bugs that have been introduced by the new chunks of code. However, this won't help you at all if the program is reasonably complex, as you may get subtle interactions between new code and old, adding both potential security holes and mandelbugs.
Just a thought...
Cheers,
Jordan
--
SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/
Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
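
The caveat raised above, that a diff shows only the changed lines and not the old code that interacts with them, can be partly addressed by widening the review scope to the unchanged callers of whatever the diff touches. The sketch below is an added example, not part of the original post; it assumes Python sources and direct calls by name only, and the sample code and the names `changed_lines` and `review_scope` are constructed for illustration.

```python
import ast
import difflib

# Constructed sample input: AUDITED is the reviewed version, NEW the later one.
AUDITED = '''\
def check_len(buf, limit):
    return len(buf) <= limit

def store(buf):
    return bytes(buf) if check_len(buf, 64) else None

def banner():
    return "v1"
'''
NEW = AUDITED.replace("<= limit", "<= limit * 2")  # the only textual change

def changed_lines(old, new):
    """1-based line numbers in `new` that the diff against `old` touches."""
    sm = difflib.SequenceMatcher(None, old.splitlines(), new.splitlines())
    lines = set()
    for tag, _, _, j1, j2 in sm.get_opcodes():
        if tag != "equal":
            # A pure deletion has j1 == j2; mark the line that follows it.
            lines.update(range(j1 + 1, max(j2, j1 + 1) + 1))
    return lines

def review_scope(old, new):
    """Return (changed, callers): functions the diff touches, and untouched
    functions that call them and may therefore interact with the new code."""
    touched = changed_lines(old, new)
    funcs = [n for n in ast.walk(ast.parse(new)) if isinstance(n, ast.FunctionDef)]
    changed = {f.name for f in funcs
               if touched & set(range(f.lineno, f.end_lineno + 1))}
    callers = set()
    for f in funcs:
        called = {c.func.id for c in ast.walk(f)
                  if isinstance(c, ast.Call) and isinstance(c.func, ast.Name)}
        if f.name not in changed and called & changed:
            callers.add(f.name)
    return changed, callers

if __name__ == "__main__":
    changed, callers = review_scope(AUDITED, NEW)
    print("diff touches:", sorted(changed))
    print("also review (unchanged callers):", sorted(callers))
```

Interactions through shared state, indirect calls or other files are not visible to this check, so it narrows the manual review rather than replacing it.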
