[Idpy-discuss] Software vulnerabilities in SaToSa
4 Jul
2018
4 Jul
'18
4:08 p.m.
Hi
On 4 Jul 2018, at 12:17, Ivan Kanakarakis
<ivan.kanak at gmail.com> wrote:
On Wed, 4 Jul 2018 at 13:01, Niels van Dijk <niels.vandijk at surfnet.nl> wrote:
I’d also like to know the answers to Ivan’s questions.
When we’re talking about the SaToSa shell (front and backends) then anyone looking for
vulnerabilities must
be very good at the specific protocols used and have the mindset of a hacker.:-)
If that is the case here then I’m really, really looking forward to the result.
If not then I frankly question whether the work is useful.
My 2 c
— Roland
The higher up you go, the more mistakes you are allowed. Right at the top, if you make
enough of them, it's considered to be your style.
-Fred Astaire, dancer, actor, singer, musician, and choreographer (10 May 1899-1987)
No worries (yet), this is not about issues we have uncovered.
We have the opportunity however to have a team from the GEANT project review the code of
SaToSa. We already had them do a review of the InAcademia service itself, now they can
look at the code.
I think that would be great! Is there a process for it? What is
checked; how; and what for?