Mailinglist Archive: opensuse-buildservice (349 mails)

< Previous Next >
Re: [opensuse-buildservice] How secure is openSUSE build service?
  • From: Adrian Schröter <adrian@xxxxxxx>
  • Date: Thu, 1 Nov 2007 09:05:14 +0100
  • Message-id: <200711010905.14828.adrian@xxxxxxx>
On Wednesday 31 October 2007 22:28:57 wrote Aniruddha:
I wonder what are the security policies for openSUSE? What are the
chances for malicious software (rootkits, trojans) being offered through
the build service?


What is the procedure for security holes and/or exploits in software
offered in the openSUSE build repositories? I get the feeling openSUSE
is becoming just as insecure as Windows hence the warning you get when
adding repo's with 1-click install (see attachment). Or am I mistaken?
Any info would be appreciated!

The 1-click install still asks for the root passwort, so it is as unsecure as
installing rpms manually. It just helps the user to do it more easily.

The "unsecure Windows" did not ask for extra permissions in the old days. But
they improved also a bit more meanwhile.

--

Adrian Schroeter
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nürnberg)
email: adrian@xxxxxxx

---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx

< Previous Next >