[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Security testing: need for a security policy, and a security-critical package process





On Mon, 23 Nov 2009, Matthias Clasen wrote:

I don't want to ship a desktop that doesn't let the user do useful
things.

And you can ship a desktop SPIN that way. But the base pkgs should not install with an insecure set of choices.

if you want the spin to have a post-scriptlet which allows more things, then that's the choice of the desktop sig over the desktop spin.

We should not be forcing the choices for the desktop spin on everyone who installs a pkg in the distribution.

-sv


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]