On Tue, Sep 19, 2017 at 10:04:38PM +0200, Till Maas wrote: > On Thu, Sep 14, 2017 at 10:30:29PM -0400, Jason Callaway wrote: > > A number of exciting projects are planned for this SIG, but we already have > > a working alpha-version of our tool, the Enterprise Linux Exploit Mapper > > (ELEM) [0]. ELEM lets administrators scan their RHEL or CentOS systems for > > vulnerabilities that are associated with known exploits in the wild. We’re > > working on adding Fedora support to ELEM. It currently has only one exploit > > data source [1], but we’re adding more [2]. > > Are you also considering doing offensive security tests > on the Fedora infrastructure? This was my first association when I heard > the SIG's name. :-) While that's of interest, it's also not an activity we can easily open up to a community effort at this point. Some of the Fedora infrastructure sits on equipment operated by Red Hat, so there are restrictions on who'd be able to participate in offensive testing. In discussing with Jason, I advised it was best not to set up false expectations on that front. -- Paul W. Frields http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 http://redhat.com/ - - - - http://pfrields.fedorapeople.org/ The open source story continues to grow: http://opensource.com _______________________________________________ security mailing list -- security@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to security-leave@xxxxxxxxxxxxxxxxxxxxxxx