review of section 7
git-svn-id: http://svn.cacert.org/CAcert/Policies@1194 14b1bab8-4ef6-0310-b690-991c95c89dfd
This commit is contained in:
Ian Grigg
parent
e66491d7cb
commit
209542acc6
1 changed files with 12 additions and 15 deletions
|
|
@ -801,13 +801,13 @@ Additions to the team are approved by Board
|
|||
The primary tasks are:
|
||||
</p>
|
||||
<ol><li>
|
||||
Keep the code secure,
|
||||
Keep the code secure in its operation,
|
||||
</li><li>
|
||||
Fix security bugs, including incidents,
|
||||
</li><li>
|
||||
Audit, Verify and sign-off proposed patches,
|
||||
</li><li>
|
||||
Assist Systems Administration team in inserting patches,
|
||||
Guide Systems Administration team in inserting patches,
|
||||
</li><li>
|
||||
Provide guidance for architecture,
|
||||
</li></ol>
|
||||
|
|
@ -821,25 +821,21 @@ In principle, anyone can submit code changes for approval.
|
|||
<h3> <a name="7.3"> 7.3. </a> Repository </h3>
|
||||
|
||||
<p>
|
||||
The application code and patches are maintained in a
|
||||
central version control system by the
|
||||
The application code and patches are maintained
|
||||
in a central repository that is run by the
|
||||
software development team.
|
||||
</p>
|
||||
|
||||
<p>
|
||||
The integrity of the central version control system
|
||||
is crucial for the integrity of the applications running
|
||||
on the critical systems.
|
||||
</p>
|
||||
|
||||
<h3> <a name="7.4"> 7.4. </a> Review </h3>
|
||||
|
||||
<p>
|
||||
Patches are signed off by the team leader
|
||||
At the minimum,
|
||||
patches are signed off by the team leader
|
||||
or his designated reviewer.
|
||||
Each software change should be reviewed
|
||||
by a person other than the author.
|
||||
Author and sign-off must be logged.
|
||||
Author and signers-off must be logged.
|
||||
The riskier the source is, the more reviews have to be done.
|
||||
</p>
|
||||
|
||||
<h3> <a name="7.5"> 7.5. </a> Test and Bugs </h3>
|
||||
|
|
@ -853,9 +849,10 @@ Test status of each patch must be logged.
|
|||
<p>
|
||||
Software Development team maintains a bug system.
|
||||
Primary communications should go through this system.
|
||||
Access should be granted to all software developers,
|
||||
systems administrators, and patch contributors.
|
||||
Access may be granted to other Members.
|
||||
Management access should be granted to all software developers,
|
||||
and systems administrators.
|
||||
Bug submission access should be provided to
|
||||
any Member that requests it.
|
||||
</p>
|
||||
|
||||
<h3> <a name="7.6"> 7.6. </a> Handover </h3>
|
||||
|
|
|
|||
Loading…
Reference in a new issue