Security testing: need for a security policy, and a security-critical package process

Bill Nottingham notting at redhat.com
Tue Nov 24 18:28:24 UTC 2009


> >I don't want to ship a desktop that doesn't let the user do useful
> >things.
> 
> And you can ship a desktop SPIN that way. But the base pkgs should
> not install with an insecure set of choices.
> 
> if you want the spin to have a post-scriptlet which allows more
> things, then that's the choice of the desktop sig over the desktop
> spin.

Given how .pkla works, this is likely to be done with packages, not
with %post hackery. (Which should make it much easier to reliably
test, as well.)

Bill
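
The point about package-shipped .pkla policy being easier to test, as an added example that is not part of the original message or of Fedora's tooling: a check that parses polkit local-authority .pkla content and flags entries that grant a security-critical action without authentication. The sample file content and the `SECURITY_CRITICAL` list are constructed assumptions.

```python
import configparser
from fnmatch import fnmatchcase

# Constructed sample: content of a hypothetical package-shipped .pkla file.
SAMPLE_PKLA = """\
[Desktop users may install signed packages]
Identity=unix-user:*
Action=org.freedesktop.packagekit.package-install
ResultAny=no
ResultInactive=no
ResultActive=yes

[Admins may change system network settings]
Identity=unix-group:wheel
Action=org.freedesktop.NetworkManager.settings.modify.system
ResultActive=auth_admin_keep
"""

# Assumed distribution policy: action ids that must always require authentication.
SECURITY_CRITICAL = ["org.freedesktop.packagekit.package-install"]
RESULT_KEYS = ("ResultAny", "ResultInactive", "ResultActive")


def parse_pkla(text):
    """Parse .pkla key-file text into a list of authorization entries."""
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cp.optionxform = str  # .pkla keys are case-sensitive
    cp.read_string(text)
    return [{
        "name": name,
        "identities": [i for i in cp[name].get("Identity", fallback="").split(";") if i],
        "actions": [a for a in cp[name].get("Action", fallback="").split(";") if a],
        "results": {k: cp[name][k] for k in RESULT_KEYS if k in cp[name]},
    } for name in cp.sections()]


def find_violations(entries, critical=SECURITY_CRITICAL):
    """Return (entry, action id, result key) for each critical action granted as plain 'yes'."""
    found = []
    for entry in entries:
        for action_id in critical:
            # Action= values may be globs such as org.freedesktop.packagekit.*
            if any(fnmatchcase(action_id, glob) for glob in entry["actions"]):
                found += [(entry["name"], action_id, key)
                          for key, val in entry["results"].items() if val == "yes"]
    return found


if __name__ == "__main__":
    for name, action_id, key in find_violations(parse_pkla(SAMPLE_PKLA)):
        print(f"FAIL [{name}] {action_id}: {key}=yes")
```

Run against the .pkla files a package installs, a check like this can gate a spin's policy package in review or in automated testing.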



