On Wed, 2011-05-18 at 19:35 +0000, JB wrote: > The end users of F15 are at risk. > They should be fully advised what's the danger with this product. > After all, it is an open-source project. > > The issue is serious, because it raises not only technical questions, but also > internal (Security, QA, etc teams) and policy ones. Your post is long on platitudes and short on specifics. It's not very convincing, frankly. It's all very well to soapbox about the importance on security, but you need a solid justification as to why you believe local DoS exploits should be treated as a major issue. Please also consider the target audience and intended use cases of Fedora in doing so. Fedora is not a distribution we generally expect to be put into use in contexts where a DoS is a really significant problem; we don't expect anyone to be running it on critical servers. This is one we reason we tend to consider code execution issues to be far more serious. It's also likely that it is not commonly used in a true multi-user configuration with non-trusted users. Remember that Fedora is not RHEL. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Fedora Talk: adamwill AT fedoraproject DOT org http://www.happyassassin.net -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
