On Tue, Apr 28, 1998 at 04:50:45PM +0200, Thomas Roessler wrote: > Further, the policy should require maintainers to tag bug reports about > programs running suid root "critical".
>From http://www.debian.org/Bugs/Developer.html#severities :critical : makes unrelated software on the system (or the whole system) : break, or causes serious data loss, or introduces a security hole : on systems where you install the package. Proper assignment of Severity: is IMHO a part of a maintainer's task already; I don't think this needs to be spelled out in the policy. > (You may also consider to add an option to the bug program which tags a > bug report as a security problem, and thus "critical". In that case, I hope "bug" will explain the meaning of the Severity level chosen and ask for confirmation. > - While installing packages, dpkg-deb(8) should consult the clearance list > and warn the user about certain programs not being in the clearance list. dpkg-deb is a archive packager like ar(1) or tar(1). The proper place for this, if you want it integrated in the package management tools, would be dpkg IMO. > As an additional level of "certification", packages may be tagged > "insecure", depending on previous experience or the level of review (e.g., > the BSD lpr, xbase, and sendmail packages may be tagged "insecure", while > qmail is tagged "secure"). The installation procedure could then ask the > user for the system's security level and warn him if he tries to install a > package with a non-appropriate certification. I object to these labels. Auditing source is a good idea, but even thorough audits are IMO not strong enough a method to base a label "secure" on ("tested", "audited", "previously audited" or whatever are OK by me). Perhaps it would be better to differentiate between several sources people can use to base there trust on (like PGP's feature of calculating trust on the basis of a personal parameter of trust per signator). Ray -- Tevens ben ik van mening dat Nederland overdekt dient te worden. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
