[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Why different keys for -testing and non-testing?

From: Steve Grubb <sgrubb redhat com>
To: fedora-devel-list redhat com
Cc: Jesse Keating <jkeating redhat com>
Subject: Re: Why different keys for -testing and non-testing?
Date: Sat, 17 Jan 2009 14:50:09 -0500

On Saturday 17 January 2009 11:59:09 am Jesse Keating wrote:
> We should also make import of keys an auditable event.
>
> Are not all rpm actions audited?

No. What I'm talking about is perhaps defining a specific audit event type 
that would signify that a key was imported and where it came from. I've seen 
cases where rpm tries to download keys from the network. This is one of the 
few security sensitive actions that is not put into the audit system.

-Steve

Follow-Ups:
- Re: Why different keys for -testing and non-testing?
  - From: Panu Matilainen

References:
- Why different keys for -testing and non-testing?
  - From: Jesse Keating
- Re: Why different keys for -testing and non-testing?
  - From: Steve Grubb
- Re: Why different keys for -testing and non-testing?
  - From: Jesse Keating

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]