OpenBMC community telecon - 11/20 Agenda

Tanous, Ed ed.tanous at
Tue Nov 21 12:04:54 AEDT 2017

> A minimal starting point would be to run every code repository through
> Coverity Scan. Setting this up with travs-ci isn't too hard (we do it for parts of
> host firmware today).
> Efforts to limit the damage could also be good, like strict SELinux policy. After
> all, much of the current design would work quite well for that.

I meant more along the lines of "would the community be ok with this" more than "is it technically possible".  I think the tooling story has come a long ways in the last few years, especially for open source tools, but I know any attempt to limit what's allowed tends to lead to controversy, so I wanted to see where we all stand.


More information about the openbmc mailing list