Hi, everyone. Since the big PackageKit brouhaha surrounding Fedora 12, there's been a discussion surrounding the need for a policy about privilege escalation in Fedora. Representing the QA group, we would like for there to be such a policy in order to allow a meaningful review of privilege escalation issues as part of QA's testing of Fedora releases. I took this concern to FESco, who basically said they would be willing to consider any policy that's brought to them, but won't initiate the creation of one. I have asked the security list (which seems mostly dormant), some security folks individually, and it's been discussed on this list, but none of those seem to have been interested in actually creating a policy. So in the end, QA decided we would propose a draft. We realize this is entirely out of our area of expertise, but there appeared to be no alternative. So, here's a draft policy for review. This has been through three rounds of drafts within the QA group, and includes content based on very useful feedback from members of Red Hat's security team, particularly Miloslav Trmac. Thanks to him and to all others who contributed to the QA group discussion. Please do provide any and all feedback on the proposed policy. if we can get it into a shape which most people on the list would find acceptable, my next step will be to take it back to FESco for them to review. Thanks. You can find the draft policy at https://fedoraproject.org/wiki/User:Adamwill/Draft_Fedora_privilege_escalation_policy -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org http://www.happyassassin.net -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
