Hi
On Wed, Mar 2, 2022 at 11:40 AM Matthew Miller wrote:
On Thu, Feb 24, 2022 at 08:13:15PM +0100, Zbigniew Jędrzejewski-Szmek wrote:
> It would probably be good to use more of those features, but you need
> to understand the service very well to know what systemd security
> features can be enabled for it.
I'd definitely love to see us put more effort into this — but we don't have
any specific resources for this kind of thing, so it needs to be someone's
labor of love.
See https://pagure.io/packaging-committee/issue/667 as a first start...
I am surprised that security engineering folks aren't driving this but no one else is volunteering, I can. It feels like there should be some easy wins here even if we don't get hyper granular about the features we enable.
Rahul
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
