Re: [Xen-devel] [COVERITY ACCESS] for Doug Goldstein

[Andrew Cooper <andrew.cooper3@xxxxxxxxxx>]

On 29/01/16 16:16, Doug Goldstein wrote:
> Hi all,
>
> I agree to the conditions in the Xen Project Security [1] and Coverity
> [2] Contribution guidelines.
>
> I have been a Gentoo Linux developer since 2001 and involved with
> downstream packaging of virtualization products in Gentoo for at least 8
> years with a specific focus on QEMU, libvirt, KVM and now days Xen. I've
> been a libvirt contributor in the past (with commit access) but for the
> last year and half I've found my time consumed in other parts of the
> stack. Most recently I've been contributing to Xen. My day job for the
> last 8 years has been focused on shipping Linux based devices into
> hostile environments and improving the security so that we have some
> confidence that they are secure and untampered with. So I have a
> personal vested interest in ensuring security holes are plugged and not
> left around or provided to organizations with an interest in exploiting
> them. Because of this I would like access to the Coverity results to
> help plug anything that comes up.
>
> My GPG key is not in the strong web of trust since I have very few
> signatures so I can understand if that's a hold up. I'll look forward to
> exchanging some signatures at the next Xen Developer Summit either way.
>
> [1] http://www.xenproject.org/security-policy.html
> [2] http://xenproject.org/help/contribution-guidelines.html

+1

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel