Subject: ITS4 Program
To: None <current-users@netbsd.org>
From: Dave Burgess <burgess@nms.omaha.mitre.org>
List: current-users
Date: 02/22/2000 11:29:31
Hola,

I was cruising around on the Internet and came across a really interesting
program.  It's a source code security scanner that can be extended through
the use of an exploits database.  I ran it against the /bin/sh source
and it identified several 'risky' issues that we may or may not have
previously identified.  I'm giving some thought to running it against the
entire -current /usr/src/*bin* directory tree and seeing what it says.

Obviously, the raw output would be overwhelming (as well as incredibly
noisy) but it might find some interesting things we haven't found in the
past.  Combined with lint, this could be a good double check for the
NetBSD source code tree.

The program, for anyone else that's interested, is at
http://www.rstcorp.com/its4/

It's available for free to non-commercial use (I think, check the web
site to find out for sure) but the source code is available and it
compiles without a hitch on NetBSD-current.

Dave Burgess
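The post describes ITS4 only as a source scanner driven by an "exploits database" and warns that its raw output over a whole tree would be noisy. The following added example (written for this page, not ITS4's own code and not part of the original message) shows the shape of such a scanner: a small, constructed risk database mapping C function names to a severity level and advice, a lexical pass that blanks out comments and string literals so mentions inside them are not flagged, and a severity filter to cut down the noise the author anticipates. The database entries, severity names, and the sample C source are all assumptions made for this illustration.

```python
from __future__ import annotations

import re
from dataclasses import dataclass

# Constructed risk database in the spirit of a scanner's vulnerability file.
# The entries, levels and advice below are this example's own, not ITS4's.
RISK_DB = {
    "gets":    ("most_risky", "unbounded read into buffer; use fgets with a size"),
    "strcpy":  ("very_risky", "no length check; use strlcpy with an explicit bound"),
    "strcat":  ("very_risky", "no length check; use strlcat"),
    "sprintf": ("very_risky", "no length check; use snprintf"),
    "system":  ("very_risky", "shell command execution; prefer execve with fixed args"),
    "strncpy": ("risky",      "may leave result unterminated; NUL-terminate explicitly"),
    "getenv":  ("some_risk",  "environment is untrusted input for privileged programs"),
}

# Ordering used by the noise filter: higher number means more severe.
LEVEL_ORDER = {"some_risk": 1, "risky": 2, "very_risky": 3, "most_risky": 4}


@dataclass
class Finding:
    line: int
    func: str
    level: str
    advice: str


# One alternation so that whichever construct starts first wins: a "//" inside
# a string literal is consumed as part of the string, not as a comment.
_SKIP_RE = re.compile(
    r'/\*.*?\*/'                     # block comment
    r'|//[^\n]*'                     # line comment
    r'|"(?:\\.|[^"\\\n])*"'          # string literal with escapes
    r"|'(?:\\.|[^'\\\n])*'",         # character literal
    re.S,
)
_CALL_RE = re.compile(r"\b([A-Za-z_]\w*)\s*\(")


def _blank(m: re.Match) -> str:
    # Replace comment/string text with spaces but keep newlines so that
    # reported line numbers still match the original source.
    return re.sub(r"[^\n]", " ", m.group(0))


def scan_source(src: str) -> list[Finding]:
    """Return risky call sites found in C source, in source order."""
    cleaned = _SKIP_RE.sub(_blank, src)
    findings: list[Finding] = []
    for lineno, line in enumerate(cleaned.splitlines(), start=1):
        for m in _CALL_RE.finditer(line):
            name = m.group(1)
            if name in RISK_DB:
                level, advice = RISK_DB[name]
                findings.append(Finding(lineno, name, level, advice))
    return findings


def filter_by_level(findings: list[Finding], min_level: str) -> list[Finding]:
    """Drop findings below min_level; this is the knob that tames a noisy run."""
    floor = LEVEL_ORDER[min_level]
    return [f for f in findings if LEVEL_ORDER[f.level] >= floor]


def format_report(findings: list[Finding]) -> list[str]:
    """Render findings as one line each, most severe first."""
    ordered = sorted(findings, key=lambda f: (-LEVEL_ORDER[f.level], f.line))
    return [f"line {f.line}: {f.func}() [{f.level}] {f.advice}" for f in ordered]


# Constructed sample input: a comment and a string literal both mention strcpy
# and must not be reported; the two real calls on lines 8 and 9 must be.
SAMPLE_C = """\
#include <stdio.h>
#include <string.h>

/* strcpy(a, b) mentioned in a comment must not be flagged */
int main(int argc, char **argv) {
    char buf[64];
    const char *msg = "call strcpy() here";   /* string literal, not a call */
    strcpy(buf, argv[1]);
    gets(buf);
    snprintf(buf, sizeof buf, "%s", msg);
    return 0;
}
"""

if __name__ == "__main__":
    for line in format_report(scan_source(SAMPLE_C)):
        print(line)
```

Run on the constructed sample, the scanner reports only the strcpy() call on line 8 and the gets() call on line 9; the mentions in the comment and the string literal are skipped, and snprintf() is not matched because the identifier regex anchors on whole words. Raising the filter floor to "most_risky" leaves only gets(), which is the kind of triage a whole-tree run would need.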