[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Security policy oversight needed?



On Wed, 2009-11-18 at 17:58 -0600, Chris Adams wrote:
> Any package (whether new or an update) that adds/changes PolicyKit,
> consolehelper, or PAM configuration, and anything that installs new
> setuid/setgid executables, should require some additional third-party
> review.  Any significant changes that passes review should require some
> minimum amount of advance notice and documentation on how to revert
> (preferably in some common easy-to-find place in the wiki).
> 
> Is this feasible?  Who needs to look at this?

Previously discussed here:
http://www.redhat.com/archives/rhl-devel-list/2009-August/msg00578.html

Tim.
*/

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]