Extras Security Policy

Linus Walleij triad at df.lth.se
Thu Sep 8 10:55:39 UTC 2005


On Wed, 7 Sep 2005, Warren Togami wrote:

> but security is *hard* for volunteers to do.  Nobody is accountable because 
> it isn't their job responsibility.

But aren't there people using FC+Exras at their work, even being sysadmins 
for large installation bases and reading CERT and bugtraq advisories? (No, 
not everyone use RHEL.) I believe many such installations and sysadmins do 
exist, and part of the natural responsibility for such people would be to 
help the Extras in fixing the packets at source.

If such people does not exist, then proper security audit is perhaps not a 
main focus for the Extras and rather something to be carried out by RHEL 
or other large vendors?

Linus




More information about the fedora-extras-list mailing list