
Re: Security policy oversight needed?



On Thu, 2009-11-19 at 10:05 -0500, Peter Jones wrote:
> 
> Mike's suggestion of a distro-wide policy is one way to do that, and on its
> face, it's certainly a lot more practical than a distro-wide change control
> board auditing for security relevant changes, or even sillier, expecting
> package maintainers to identify when a change has security implications and
> come asking what they should do.  A "command" infrastructure does not fit
> Fedora or Linux very well.
> 
> I think the policy should be in two parts, though.  Mike's suggestion is good;
> we need general guidelines as to what roles which classes of users are expected
> to fulfill.  We probably also need some packaging policy for applications
> providing escalated privileges via policy kit, like we already have for setuid
> utilities. 

I am in strong agreement here.  A guiding (set of) polic{y,ies} is what
is needed, to help the maintainers who have control make decisions that
fit well with what the Fedora project (or individual spin) is trying to
offer.  We don't need more rubber stamp meetings, just better
guidelines.

Should this be part of the Packaging guidelines, or a different set of
design guidelines?

-- 
Jesse Keating
Fedora -- Freedom² is a feature!
identi.ca: http://identi.ca/jkeating
