Security testing: need for a security policy, and a security-critical package process
Seth Vidal
skvidal at fedoraproject.org
Tue Nov 24 18:44:16 UTC 2009
On Tue, 24 Nov 2009, Bill Nottingham wrote:
>>> I don't want to ship a desktop that doesn't let the user do useful
>>> things.
>>
>> And you can ship a desktop SPIN that way. But the base pkgs should
>> not install with an insecure set of choices.
>>
>> if you want the spin to have a post-scriptlet which allows more
>> things, then that's the choice of the desktop sig over the desktop
>> spin.
>
> Given how .pkla works, this is likely to be done with packages, not
> with %post hackery. (Which should make it much easier to reliably
> test, as well.)
provided those pkgs are not required anywhere or set in our default pkg
groups, then sure.
-sv
More information about the fedora-devel-list
mailing list