cURL / Mailing Lists / curl-library / Single Mail

curl-library

[what do you think?] libcurl and security

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Fri, 5 Sep 2008 10:03:27 +0200 (CEST)

Hey

I'm going to do a talk[*] on security in "popular" open source software in a
while, with stories and experiences from our little project.

So I'm curious on how you app authors feel about security and the curl
project, in general and specific cases. I feel that I have a view on this from
an author's perspective and I have opinions about what we (can) do to make
curl and libcurl remain safe and secure. But how do you users of (primarily)
libcurl view us; the code, the project, the product from a security
perspective?

It could also be an opportunity to point out flaws, to identify good practices
or perhaps even explain how you handle the risk it must be to base
applications or products on a pure open source library.

The topic is open and rather generic, and I am interested in all sorts of
angles on this.

[*] = the talk will be held in Stockholm Sweden in the beginning of October,
       and it will be held in Swedish. The material will be made available
       afterwards (but slides are most likely in Swedish as well then!) I will
       post the exact date and link to further information on my blog within a
       couple of days when the public info about this event is out.

-- 
  / daniel.haxx.se
Received on 2008-09-05