SoftwareSecurity2012/Group 6/Log
Group meeting on 15/04/12. The evaluation of the code checking tools was divided among the group members. The responsibilities are as follows:
Timetable
Person | Task | Time | Due Date | Remarks |
---|---|---|---|---|
Moe | Check RATS | 4 hours | 18/04/12 | None |
Özgecan | Check RIPS | 4 hours | 18/04/12 | Only tool that detected SQL Injections |
Carsten | Check Yasca | 4 hours | 18/04/12 | None |
Kostas | Check CodeSecure | 4 hours | 18/04/12 | None |
Arturo | Check PHPLint | 4 hours | 18/04/12 | None |
Everybody | Post comments on Wiki about results and reflection on code scanners | 2 hours | 18/04/12 | None |
Everybody | Discussion on partial report requirements | 3 hours | 20/04/12 | None |
Everybody | Improve WIKI content layout as proposed by professor | 2 hours | 21/04/12 | None |
Everybody | Discussion on verification requirements relevant to our goals | 2 hours | 21/04/12 | Agreed to focus on requirements V6.3 and V6.4 |
Everybody | Discussion on how to perform manual code checking | 2 hours | 22/05/12 | Decided to find out how SQL queries and escaping are performed |
Everybody | Analyze a PHP file containing SQL queries from root directory (Moe: login.php) | 8 hours | 22/05/12 | Moe and Carsten found out how queries are performed |
Everybody | Analyze a PHP file containing SQL queries from /include/dlayer/ (Moe: mysql.php) | 2 hours | 23/05/12 | Learned all <database-type>.php files have similar structure |
Everybody | Meeting: discussion about first results of analysis | 2 hours | 26/05/12 | Shared discoveries obtained by each team member, e.g. how escaping is performed |
Moe | Write page on DB layer information | 3 hours | 07/06/12 | None |
Carsten | Write page on SQL statements composition (requirements) | 4 hours | 07/06/12 | None |
Arturo | Write page on reflection on the whole process | 4 hours | 09/06/12 | None |
Kostas | Write presentation | 4 hours | 21/06/12 | None |
Ely | Write page on Wanted Documentation, final checks in all Wiki sections, small individual additions to various sections, edits for coherency and overall flow | 4 hours | 21/06/12 | None |