aboutsummaryrefslogtreecommitdiffstats
path: root/doc
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2017-01-05 18:38:17 -0500
committerJack Lloyd <[email protected]>2017-01-05 18:38:17 -0500
commit1df7574b3715848ead3ba349069a9f57ba9ac5df (patch)
treec26234e6511d1ace6e271224ed04e86e6dbe4acb /doc
parent3eb6b8147e982d43d3ee1c5d69769222b031e835 (diff)
Comment on warnings in goals doc [ci skip]
Diffstat (limited to 'doc')
-rw-r--r--doc/manual/goals.rst6
1 files changed, 4 insertions, 2 deletions
diff --git a/doc/manual/goals.rst b/doc/manual/goals.rst
index 710324ece..cf5522904 100644
--- a/doc/manual/goals.rst
+++ b/doc/manual/goals.rst
@@ -33,8 +33,10 @@ the desired end result. Over time further progress is made in each.
* Well tested. The code should be correct against the spec, with as close to
100% test coverage as possible. All available static and dynamic analysis
- tools at our disposal should be used, including fuzzers and specialized attack
- tools for common protocols.
+ tools at our disposal should be used, including fuzzers, symbolic execution,
+ and protocol specific tools. Within reason, all warnings from compilers and
+ static analyzers should be addressed, even if they seem like false positives,
+ because that maximizes the signal value of new warnings from the tool.
* Safe defaults. Policies should aim to be highly restrictive by default, and if
they must be made less restrictive by certain applications, it should be