[Security_sig] 9/2 Conf. call minutes

Andy Murren andy at murren.org
Thu Sep 2 13:34:30 PDT 2004


I think that a series of deliverables with 6-9 month time lines may be a
way for us to handle defining Linux security standards without hurting

Having root broken up into seperate capabilities is something that will
take time for the developer community to implement.  Should we have a
sub-team focusing on the seperation of root duties that can report back to
the team recommendations on how to implement?

Other items will be configuration defaults that distributors and
individuals can implement.  Those items are the low hanging fruit that can
be done in a reasonably short time frame.  Much of that work has been
done, but we might want to consolidate it and put it forth as a standard.


Andy Murren
andy (at) murren (dot) org

More information about the security_sig mailing list