On Mon, 2009-11-23 at 18:16 -0600, Chris Adams wrote:
> Once upon a time, Adam Williamson <awilliam@xxxxxxxxxx> said:
> > It's not QA's role to define exactly what the security policy should
> > look like or what it should cover, but from the point of view of
> > testing, what we really need are concrete requirements. The policy does
> > not have to be immediately comprehensive - try and cover every possible
> > security-related issue - to be valuable. Something as simple as spot's
> > proposed list of things an unprivileged user must not be able to do -
> > http://spot.livejournal.com/312216.html - would serve a valuable purpose
> > here.
>
> IMHO that's a backwards way of approaching security. You will never be
> able to define everything somebody should _not_ be able to do. You
> should always take the approach of defining what somebody _should_ be
> able to do.

But think from a QA perspective. However the policy is phrased, we have to test the negatives. If we just tested that all the 'could' things on the list were OK, we would happily approve a release that gave everyone root privileges. After all, everyone would be able to do all the things they were supposed to do. It'd be a 100% pass. =)

--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net

--
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list