Comment 10 for bug 1203589

Seth Arnold (seth-arnold) wrote :

I reviewed ust version 2.1.1-2 as checked into saucy. This should not
be considered a full security audit, but rather a quick gauge of code
quality.

- ust provides portions of the userspace components of LTTng, which
  provides a tracing toolkit that can trace both userspace and kernelspace
  execution using centralized "session daemons" that control the
  collection of tracing information.
- Build-depends include liburcu, uuid, texinfo, and systemtap
- Does not use cryptography
- Tracing system uses local Unix networking
- This source package doesn't provide daemons or services
- No cron jobs
- Build logs are clean (mktemp(3) warnings are irrelevant)
- No subprocesses spawned
- Memory management is careful, includes very nice hierarchical memory
  management front-end for many objects, ad hoc objects and strings are
  carefully managed
- Very little file manipulation outside of the (disabled) tests
- Shared memory segment handled carefully
- Client <-> server tracing sockets handled carefully
- All logging functions looked safe
- Environment variables used safely
- Code looked privilege-aware but not privilege-necessary
- No temporary files
- No WebKit

This code solves extremely complicated technical problems and may
represent an incredible support burden should we ever need to extend
this code beyond its current abilities without help from upstream.

This package was programmed in a professional manner with high-quality
code throughout.

Security team ACK for including in main.

Thanks