Security release criterion proposal
Kevin Kofler
kevin.kofler at chello.at
Wed May 18 17:22:06 UTC 2011
Adam Williamson wrote:
> Hey, all. The topic of whether and which security issues should block
> releases has come up several times before.
Indeed it has. The decision was always that it's not a good idea. I don't
see how the situation has changed to warrant beating that dead horse again.
> # There must be no known remote code execution vulnerability which could
> be exploited during installation or during use of a live image shipped
> with the release
This is just completely and utterly moot considering that there are going to
be many more unknown vulnerabilities than known ones, and that several of
those are inevitably going to come up during the 6-month lifetime of a
release.
It's impossible to ship an exploit-free release just like it's impossible to
ship a bug-free release.
We have a process for security fixes, it's called "updates". I don't see how
a 0-day update wouldn't be an appropriate resolution for a security issue.
Now if you are talking about NTH, then yes, security fixes should be NTH.
Maybe even all of them. But I don't think we should be blocking or delaying
any release for them. We can't fix them all anyway.
Kevin Kofler
More information about the devel
mailing list