review of section 7
git-svn-id: http://svn.cacert.org/CAcert/Policies@1194 14b1bab8-4ef6-0310-b690-991c95c89dfd
This commit is contained in:
parent
e66491d7cb
commit
209542acc6
1 changed files with 12 additions and 15 deletions
|
@ -801,13 +801,13 @@ Additions to the team are approved by Board
|
||||||
The primary tasks are:
|
The primary tasks are:
|
||||||
</p>
|
</p>
|
||||||
<ol><li>
|
<ol><li>
|
||||||
Keep the code secure,
|
Keep the code secure in its operation,
|
||||||
</li><li>
|
</li><li>
|
||||||
Fix security bugs, including incidents,
|
Fix security bugs, including incidents,
|
||||||
</li><li>
|
</li><li>
|
||||||
Audit, Verify and sign-off proposed patches,
|
Audit, Verify and sign-off proposed patches,
|
||||||
</li><li>
|
</li><li>
|
||||||
Assist Systems Administration team in inserting patches,
|
Guide Systems Administration team in inserting patches,
|
||||||
</li><li>
|
</li><li>
|
||||||
Provide guidance for architecture,
|
Provide guidance for architecture,
|
||||||
</li></ol>
|
</li></ol>
|
||||||
|
@ -821,25 +821,21 @@ In principle, anyone can submit code changes for approval.
|
||||||
<h3> <a name="7.3"> 7.3. </a> Repository </h3>
|
<h3> <a name="7.3"> 7.3. </a> Repository </h3>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
The application code and patches are maintained in a
|
The application code and patches are maintained
|
||||||
central version control system by the
|
in a central repository that is run by the
|
||||||
software development team.
|
software development team.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<p>
|
|
||||||
The integrity of the central version control system
|
|
||||||
is crucial for the integrity of the applications running
|
|
||||||
on the critical systems.
|
|
||||||
</p>
|
|
||||||
|
|
||||||
<h3> <a name="7.4"> 7.4. </a> Review </h3>
|
<h3> <a name="7.4"> 7.4. </a> Review </h3>
|
||||||
|
|
||||||
<p>
|
<p>
|
||||||
Patches are signed off by the team leader
|
At the minimum,
|
||||||
|
patches are signed off by the team leader
|
||||||
or his designated reviewer.
|
or his designated reviewer.
|
||||||
Each software change should be reviewed
|
Each software change should be reviewed
|
||||||
by a person other than the author.
|
by a person other than the author.
|
||||||
Author and sign-off must be logged.
|
Author and signers-off must be logged.
|
||||||
|
The riskier the source is, the more reviews have to be done.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<h3> <a name="7.5"> 7.5. </a> Test and Bugs </h3>
|
<h3> <a name="7.5"> 7.5. </a> Test and Bugs </h3>
|
||||||
|
@ -853,9 +849,10 @@ Test status of each patch must be logged.
|
||||||
<p>
|
<p>
|
||||||
Software Development team maintains a bug system.
|
Software Development team maintains a bug system.
|
||||||
Primary communications should go through this system.
|
Primary communications should go through this system.
|
||||||
Access should be granted to all software developers,
|
Management access should be granted to all software developers,
|
||||||
systems administrators, and patch contributors.
|
and systems administrators.
|
||||||
Access may be granted to other Members.
|
Bug submission access should be provided to
|
||||||
|
any Member that requests it.
|
||||||
</p>
|
</p>
|
||||||
|
|
||||||
<h3> <a name="7.6"> 7.6. </a> Handover </h3>
|
<h3> <a name="7.6"> 7.6. </a> Handover </h3>
|
||||||
|
|
Loading…
Reference in a new issue