Fedora Core 2 Test 2 - delayed
Mike A. Harris
mharris at redhat.com
Fri Feb 27 15:49:43 UTC 2004
On Fri, 27 Feb 2004, Leonard den Ottolander wrote:
>> Aside from rejecting SElinux merely due to conspiracy theories
>> alone, what would be your suggestion to ensure that this is not
>> the case?
>
>I am not rejecting anything, just inquiring. And I am not very in to
>conspiracy theories, but the source of this patch is an intelligence
>agency, right?
Right.
>I have no suggestions apart from the code being minutely scrutinized by
>people who know how to do that.
It's been scrutinized fairly heavily from what I understand. One
of the beautiful things about open source is that anyone can
scrutinize the source, so it is much more likely to have any
security holes found and fixed in it. That's irrespective of
wether they would be planted or accidental of course.
>> You did upgrade X to the latest version right? ;o)
>
>I was the one that somewhat prematurely polled you about it in
>bugzilla. (Sorry for that, it's just some developers are not as
>responsive and fast with releasing security updates as others.
No problem at all. It's always a good thing when people report
security vulnerabilities to us, even if we're aware of them
already, because an external person doesn't necessarily have a
way to pre-determine wether we're aware of a given issue yet or
not. Also, if it is public, and we've not released erratum yet,
it's to be expected that someone is likely to report the issue to
us, and that's always welcome too. ;o)
Take care,
TTYL
--
Mike A. Harris ftp://people.redhat.com/mharris
OS Systems Engineer - XFree86 maintainer - Red Hat
More information about the fedora-devel-list
mailing list