Security testing: need for a security policy, and a security-critical package process

[Jesse Keating]

On Mon, 2009-11-23 at 17:55 -0500, Matthias Clasen wrote:
> On Mon, 2009-11-23 at 14:08 -0800, Adam Williamson wrote:
> 
> > It's not QA's role to define exactly what the security policy should
> > look like or what it should cover, but from the point of view of
> > testing, what we really need are concrete requirements. The policy does
> > not have to be immediately comprehensive - try and cover every possible
> > security-related issue - to be valuable. Something as simple as spot's
> > proposed list of things an unprivileged user must not be able to do -
> > http://spot.livejournal.com/312216.html - would serve a valuable purpose
> > here.
> 
> I don't think spots list is too useful, unfortunately; discussing an
> abstract 'unprivileged user' without defining some roles and use cases
> doesn't make much sense to me. There is probably a difference between a
> guest account and a regular (non-admin) user in what I want them to be
> able to do; 'unprivileged user' does not allow that distinction. And
> there is certainly a difference between what a regular user is expected
> to be allowed on a family computer vs a university computer lab.
> 

Sure, I don't disagree, but I think we can take spots list and use it
for the 'guest account'.  Then you start picking things off the list as
you move up the stack to 'university computer lab user (is that really
much different from guest?)', to 'non-admin user', to 'admin user'.

-- 
Jesse Keating
Fedora -- Freedom² is a feature!
identi.ca: http://identi.ca/jkeating
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20091123/27786de2/attachment.sig>