Mailinglist Archive: opensuse-buildservice (349 mails)

< Previous Next >
Re: [opensuse-buildservice] Re: How secure is openSUSE build service?
  • From: Boyd Lynn Gerber <gerberb@xxxxxxxxx>
  • Date: Thu, 1 Nov 2007 14:14:12 -0600
  • Message-id: <Pine.LNX.4.64.0711011412400.32709@xxxxxxxxxxxxxxx>
On Thu, 1 Nov 2007, Aniruddha wrote:
On Thu, 2007-11-01 at 12:15 -0600, Boyd Lynn Gerber wrote:
Interesting view from the inside :). I can imagine that devs don't have
time for a full fledged security audit (reviewing all code manually).
And I don't think this is necessary, correct me if I am wrong. Are your
only experienced with 'BSD or also with Gentoo/Debian?

All the various *BSD's and Debian, a little Gentoo, but mainly SUSE. A
audit is necessary for C2. It even requires the HW to be auditted. The
cert is for exactly the system.

You mean 'Trusted Computer System Evaluation Criteria' (
http://en.wikipedia.org/wiki/TCSEC )? I didn't know that one. Is
actually used outside the army?

Yes, it is. I am not able to go into any detail. But C2 is needed for
some things I support.

--
Boyd Gerber <gerberb@xxxxxxxxx>
ZENEZ 1042 East Fort Union #135, Midvale Utah 84047
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx

< Previous Next >
List Navigation
Follow Ups