7 Apr
2006
7 Apr
'06
1:20 p.m.
If the author has been contacted, it should be noted in the commit log. That
alone is enough reason to squash any doubts anyone had. The authors word is
always trusted.
If the author couldn't be contacted, then the code should go through the
audit procedure Art put forward. Whichever part of that procedure was passed
should be noted in the commit log.
Even if it's just something as simple as 'this code uses is fully documented
on XYZ: http://..'
Doing things this way ensures we can look back at the code if the
cleanliness of the reversing methods is ever questioned again. It gives a
good base point for us to start our defence from.
This was all decided when we originally locked the code, but no one has been
following it. Thus we have terms like 'I read this code and it looked clean
to me'.
IMO, that isn't worth anything. I could read parts of the kernel and it
appear to be clean to me. Contacting Alex or correctly auditing the code
would prove otherwise.
In light of this, I think some of the audit measures we went to were a bit
of an over reaction. Perhaps we should have only decided to audit kernel
mode code, or subsections of it.
However we choose to do everything and I'm a firm believer in the phrase 'If
you going to do something, do it right'
Ged.
-----Original Message-----
From: Saveliy Tretiakov [mailto:saveliyt@mail.ru]
Sent: 07 April 2006 13:52
To: ReactOS Development List
Subject: Re: [ros-dev] ncpa
I always contact authors when it is possible. Some authors have left
project years ago and are unreachable.
Murphy, Ged (Bolton) wrote:
The authors of the code should always be contacted
before unlocking unless
the app it produces isn't a part of Windows.
Not doing so undermines the audit process and commit lines like 'I looked
at
this code and it appears clean' is doing just
that.
Ged.
-----Original Message-----
From: Saveliy Tretiakov [mailto:saveliyt@mail.ru]
Sent: 07 April 2006 13:11
To: ReactOS Development List
Subject: Re: [ros-dev] ncpa
Do we need to audit ncpa?
_______________________________________________
Ros-dev mailing list
Ros-dev(a)reactos.org
http://www.reactos.org/mailman/listinfo/ros-dev
************************************************************************
The information contained in this message or any of its
attachments is confidential and is intended for the exclusive
use of the addressee. The information may also be legally
privileged. The views expressed may not be company policy,
but the personal views of the originator. If you are not the
addressee, any disclosure, reproduction, distribution or other
dissemination or use of this communication is strictly prohibited.
If you have received this message in error, please contact
postmaster(a)exideuk.co.uk
<mailto:postmaster@exideuk.co.uk> and then delete this message.
Exide Technologies is an industrial and transportation battery
producer and recycler with operations in 89 countries.
Further information can be found at www.exide.com
_______________________________________________
Ros-dev mailing list
Ros-dev(a)reactos.org
http://www.reactos.org/mailman/listinfo/ros-dev
_______________________________________________
Ros-dev mailing list
Ros-dev(a)reactos.org
http://www.reactos.org/mailman/listinfo/ros-dev
************************************************************************
The information contained in this message or any of its
attachments is confidential and is intended for the exclusive
use of the addressee. The information may also be legally
privileged. The views expressed may not be company policy,
but the personal views of the originator. If you are not the
addressee, any disclosure, reproduction, distribution or other
dissemination or use of this communication is strictly prohibited.
If you have received this message in error, please contact
postmaster(a)exideuk.co.uk
<mailto:postmaster@exideuk.co.uk> and then delete this message.
Exide Technologies is an industrial and transportation battery
producer and recycler with operations in 89 countries.
Further information can be found at www.exide.com