On Mon, 2010-01-25 at 22:00 -0800, Adam Williamson wrote: > > == New and changed privilege escalation mechanisms == > > Any new privilege escalation mechanisms (where mechanism is defined as > "the code that directly causes privilege escalation") must be submitted > to, and approved by, the Fedora packaging committee. The development and > QA mailing lists must be notified of the approval of new privilege > escalation mechanisms. Any significant changes to the semantics of > existing privilege escalation mechanisms (except for changes that are > obviously not security-relevant) must be announced to the development > and QA mailing lists. Not to sound disrespectful, but why should the packaging committee have and special say in privilege escalation mechanisms ? How does a special interest in spec file syntax qualify for security audits ? I propose to s/packaging committee/FESCo/ there. -- test mailing list test@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe: https://admin.fedoraproject.org/mailman/listinfo/test
