Community mailing list archives

Re: Odoo security

Fabien Bourgeois
- 07/27/2015 06:28:24
Le 27/07/2015 12:06, Dave Ellison a écrit :
> From mainly a user, I have helped people put in Odoo, but not a
> partner. This is a good idea, however I think the goal is too high. It
> shouldn't cost 10k to do a full security audit. Perhaps that I am a
> little naive there.

I'm not a security expert but cost seems reasonable to me. 10k£ can 
appear to be high but according to the campaign page, only 40% of the 
amount will be dedicated to basic* auditing of important pieces whereas 
30% are for bug fixing and 20% to produce guides.

* full audit is for the 25k£ step and beyond

> Also, Odoo themselves only investing about £600 to what is their
> business and potentially improves their software and assurance to
> customers really shocks me.

I have the same opinion : Odoo SA seems to be in the process and 
supporting this campaign. As this topic is IMO very important for an 
enterprise software facing Internet as Odoo, I'm surprised to see this 
contribution (in relation to last year $10 millions funding).

Yaltik, libérez votre système informatique
Tél : /
Fax :
9 rue Gustave Nadaud, 69007 LYON