Re: Arch Linux security is still poor....

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 15/03/10 22:03, Ananda Samaddar wrote:
> On Mon, 15 Mar 2010 14:56:32 -0700
> Thayer Williams <thayerw@xxxxxxxxx> wrote:
>>
>> No offence taken and FWIW a lot of people switch distros because of
>> one or two fundamental needs that aren't meant.  This wouldn't be any
>> different.
>>
>> Look forward to hearing what you have to say...
> 
> I'd like to help get things moving before I give up on Arch.  It's too
> good a distro not to.
> 
> I've been having a look at the Gentoo security policy here:
> 
> http://www.gentoo.org/security/en/vulnerability-policy.xml
> 
> It looks like a pretty good template we could adapt to our needs. The
> document in that link is licensed under a Creative Commons attribution
> licence.  It mirrors a lot of the things I was going to suggest too.

After a quick look at it I don't see much that would apply though.  Arch
doesn't have releases.  Arch follows upstream releases very closes (in some
cases even too closely ;-)

So, if there is no need for backporting to a set of packages that has been
blessed into a supported release, what is left to do for a dedicated security
team?

/M

-- 
Magnus Therning                        (OpenPGP: 0xAB4DFBA4)
magnus@therning.org          Jabber: magnus@therning.org
http://therning.org/magnus         identi.ca|twitter: magthe

Attachment: signature.asc
Description: OpenPGP digital signature


[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux