Security release criterion proposal

"Jóhann B. Guðmundsson" johannbg at gmail.com
Wed May 18 16:28:18 UTC 2011


On 05/18/2011 03:57 PM, Adam Williamson wrote:
> Feedback please! Thanks:)

Given that we ship selinux on by default should this proposal only be 
applicable to exploits/vulnerability that selinux cant catch and prevent 
which leaves us with <insert type of exploits here )?

Don't we need individual(s) from the security team that will be doing 
actively security audit during the development cycle and reporting back 
to QA?

Would not applying this security release proposal to final only suffice?

JBG


More information about the test mailing list