Comment 9 for bug 1864666

Steve Beattie (sbeattie) wrote :

I reviewed python-octavia-lib 2.2.0-0ubuntu1 as checked into groovy. This shouldn't be
considered a full audit but rather a quick gauge of maintainability.

python-octavia-lib is a python3 library for developers writing Octavia
load balancer provider drivers.

- No CVE history.
- No concerning build or runtime depends.
- Only autogenerated maintainer scripts for removing python compiled
  bytecode.
- No init scripts.
- No systemd units.
- No dbus services.
- No setuid binaries.
- No binaries in PATH.
- No sudo fragments.
- No polkit files.
- No udev rules.
- Some unit tests, run at build time. No autopkgtests.
- No cron jobs.
- Build log is okay, no lintian warnings or errors.

- No apparent processes spawned.
- Limited file IO. Uses AF_UNIX sockets to communicate with driver
  agents.
- No apparent logging.
- No apparent environment variable usage.
- No use of privileged functions.
- Cryptography: allows use of SSLv3 for pools and listeners.
- No apparent use of temp files.
- No use of WebKit.
- No use of PolicyKit.

- No Coverity findings.
- No significant bandit results.

Security team ACK for promoting python-octavia-lib to main.