Extras Security Policy
Greg DeKoenigsberg
gdk at redhat.com
Thu Sep 8 13:49:22 UTC 2005
Note:
I'm in London next month, and I'll be meeting with Mark Cox to brainstorm
some potential solutions to this issue. And we all know it's a big issue,
but Warren's analysis is entirely correct.
--g
_____________________ ____________________________________________
Greg DeKoenigsberg ] [ the future masters of technology will have
Community Relations ] [ to be lighthearted and intelligent. the
Red Hat ] [ machine easily masters the grim and the
] [ dumb. --mcluhan
On Wed, 7 Sep 2005, Warren Togami wrote:
> Hans de Goede wrote:
> >
> > Besides that we need a clear security policy to be written and approved
> > by fesco:
> SNIP
> >
> > We really need an FE security team which wathces over FE's security
> > aspects.
>
> Generally everyone agrees about "need" ...
>
> >
> > I'm in no way volunteering todo any of the work this will cause, not
> > because I don't want to, but because I don't have the time.
> >
>
> but security is *hard* for volunteers to do. Nobody is accountable
> because it isn't their job responsibility. Volunteers generally do the
> "fun" things first, and sometimes one-time harder problems. This does
> not describe what it takes to maintain eternal vigilance necessary of
> people focused on security in the long-term. I am talking here of
> realistic expectations of volunteer capability.
>
> http://lwn.net/Articles/149976/
> The referenced LWN security article writer was surprised by Debian's
> slowest response time to security issues, and while they were impressed
> by Fedora and other company supported distribution support times, they
> were concerned about community maintained distros like Extras. This is
> indicative of the ability of volunteer groups to adequately deal with
> security.
>
> (The example that they used of Clamav however was strange, in that
> Extras actually did do a decent job of quickly upgrading to 0.86.2 after
> the advisory was released.)
>
> It is problematic to say "We really need an FE security team" but also
> say, "I'm in no way volunteering todo any of the work". This too is
> indicative of realistic capabilities and expectations of volunteers.
>
> There are things that we can do like improve the package review
> guidelines for security aspects like you suggested. This is a good
> first step, because it means everyone in a little way is responsible for
> security. "Many eyes."
>
> There are some technical challenges here that we need to deal with like
> the user accounts in packages. After years of loud yelling, we still
> have not come to any consensus about users used by packaged services.
> The current way relied upon by Core packages is broken and unscalable
> because it relies on a finite small set of userid's. Arbitrary
> packages can easily clash, or we could simply run out of numbers.
> Enrico tried to address this with the fedora-usermgmt* stuff, but nobody
> understands it and some have actively removed its usage from packages.
> The packaged user problem is something that we need to come to consensus
> on if we are going to move forward with unambiguous written policy.
>
> Unambiguous written policy is the key here.
>
> Warren Togami
> wtogami at redhat.com
>
> --
> fedora-extras-list mailing list
> fedora-extras-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-extras-list
>
More information about the fedora-extras-list
mailing list