Re: Security testing: need for a security policy, and a security-critical package process

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Gene Czarcinski (gene@xxxxxxxxx) said: 
> Keep it simple (KISS) for the initial attempt.  It will grow more complicated 
> all by itself as time passes.
> 
> BTW, the security policy should assume that a grub password is in use so that 
> a user cannot do something like disabling selinux by editing the kernel 
> command line.  This should be tested by the security QA.

That seems very broken. A security policy that is violated on every
single out of the box install that doesn't do customization?

Bill

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux