rawhide report: 20051104 changes

Arjan van de Ven arjanv at redhat.com
Sun Nov 6 15:34:47 UTC 2005


On Sun, 2005-11-06 at 10:16 -0500, Jack Tanner wrote:
> Elliot Lee wrote:
> > Red Hat's requirements for a build system are quite different from the
> > community's requirements for a build system. Think about Sarbanes-Oxley
> > compliance as an example.
> 
> Wow. That's fascinating. Any chance you could give a very basic, very 
> short example of how SOX compliance is relevant to build systems?

Sometimes RH has contracts for which a part of the payment depends on
delivering certain functionality (eg packages) at certain dates, usually
as part of a RHEL release. SOX then dictates that a company needs to be
in full control and have an accurate record of the actual occurrence of
this contractual event and the steps leading to it. So this includes
authentication, record keeping, reproducability etc which for practical
purposes need to tie into the other infrastructure at RH to be useful in
this sense.





More information about the fedora-devel-list mailing list