Re: Security testing: need for a security policy, and a security-critical package process

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2009-11-24 at 15:34 -0500, Bill Nottingham wrote:
> Chris Ball (cjb@xxxxxxxxxx) said: 
> >    >> If some some spin decided to make every user run as root, ship
> >    >> with no firewalling, have password-less accounts, or have
> >    >> insecure services enabled by default, etc.
> > 
> >    > You mean Sugar as configured on the XO? (It has passwordless
> >    > user, who can su without a password.)
> > 
> > It's true, but note that the XO software is technically a "Remix"
> > rather than a "Spin", so there aren't any technical requirements
> > on it to satisfy the use of the Fedora mark.  (I think I'd agree
> > with Greg's point regarding official Fedora spins.)
> 
> But if it was such a concern with respect to the Fedora brand and
> image, I would think the same argument would apply, even if it
> was just branded as a 'Fedora remix'. 

SoaS is not Fedora-branded in any way, AFAIK.

-- 
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org
http://www.happyassassin.net

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux