Security release criterion proposal
Bruno Wolff III
bruno at wolff.to
Wed May 18 16:38:24 UTC 2011
On Wed, May 18, 2011 at 08:57:17 -0700,
Adam Williamson <awilliam at redhat.com> wrote:
> # There must be no known remote code execution vulnerability which could
> be exploited during installation or during use of a live image shipped
> with the release
> Points to consider:
I think there may be some remote exploits that we wouldn't want to block
for. For example if wesnoth turns out to be vulnerable to the game server
or one of the other clients, I don't thank is something we'd want to block for.
If firefox was vulnerable to web pages you visit being able to execute
unsandboxed code, then I feel it's a close call.
I'd prefer not to limit remote code execution to just root. User data
and network bandwidth are valuable. Then we also need to worry about local
root exploits being used in combination with non-root remote code exploits.
I think it is also worth considering whether the exploits are really
exploitable with our default configuration (selinux in enforcing mode).
More information about the test