[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Security policy oversight needed?



On Wed, 2009-11-18 at 17:58 -0600, Chris Adams wrote:
> Any package (whether new or an update) that adds/changes PolicyKit,
> consolehelper, or PAM configuration, and anything that installs new
> setuid/setgid executables, should require some additional third-party
> review.  Any significant changes that passes review should require some
> minimum amount of advance notice and documentation on how to revert
> (preferably in some common easy-to-find place in the wiki).
> 
> Is this feasible?

Looks like a very good idea to me.

> Who needs to look at this?

Fesco ?

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]