[Security_sig] 9/2 Conf. call minutes
Andy Murren
andy at murren.org
Thu Sep 2 13:34:30 PDT 2004
All,
I think that a series of deliverables with 6-9 month time lines may be a
way for us to handle defining Linux security standards without hurting
ourselves.
Having root broken up into seperate capabilities is something that will
take time for the developer community to implement. Should we have a
sub-team focusing on the seperation of root duties that can report back to
the team recommendations on how to implement?
Other items will be configuration defaults that distributors and
individuals can implement. Those items are the low hanging fruit that can
be done in a reasonably short time frame. Much of that work has been
done, but we might want to consolidate it and put it forth as a standard.
Andy
--
Andy Murren
andy (at) murren (dot) org
More information about the security_sig
mailing list