DragonFly Security Officer and Security Team

Eirik Nygaard eirikn at kerneled.com
Wed Nov 17 08:53:48 PST 2004


On Wed, Nov 17, 2004 at 05:25:34PM +0100, Devon H. O'Dell wrote:
> Hello all,
> 
> ``Who can act as a security officer and participate in a security team 
> for our project?''
I can run for this election, since I am just in school these days I usually have
enough time, and I have access to the internet even when I am at school.
Man, I almost feel like writing a resume. :-)

> 
[ ... ]
> 
> Unfortunately, obscurity is critical when a vulnerability is discovered. 
> As it stands, it is difficult to find anybody to contact privately when 
> such a matter is revealed. It may or may not be obvious to some who the 
> head developers of the project are and it may or may not be obvious 
> whether or not they have time to deal with the issue.
I agree, we have grow a lot this last year, and having a secure place to pass on
security issues will become just increasingly important.

> 
[ ... ]
> 
> I hope we can get something worked out with this.
We always do.

I think there should be at least for starters a team of two people. At least for
the moment. These people should at least in my opinion be persons that are
already commiters. I can think of several people with commit access I believe
would be good for the job. I think the biggest problem with most people are time
constraints, but I guess those who want to be a part of the security team will
step up and say so for them self.

-- 
Eirik Nygaard





More information about the Kernel mailing list