1 |
Here is the status update for the Security team, wrt 2005 objectives. |
2 |
|
3 |
- Recruit new team members |
4 |
|
5 |
We should have two new GLSA coordinators (on probation) as soon as the |
6 |
recruitment freeze is over. The objective for the rest of the year is to |
7 |
recruit more people in US/Pacific TZ to ensure a constant watch (most |
8 |
current GLSA coordinators are Europe-based). |
9 |
|
10 |
- Put new procedures in place to ensure kernel security |
11 |
|
12 |
This joint venture with the kernel team is quite advanced now. The |
13 |
kernel security subproject has been created and the Kernel Interactive |
14 |
Security Status system (KISS) is in beta phase. |
15 |
|
16 |
- Improve auditing |
17 |
|
18 |
The addition of Tavis Ormandy and Rob Holland to the auditors team was |
19 |
very beneficial, and the number of vulnerabilities found by the Gentoo |
20 |
Security Audit team now competes with the top other distribution audit |
21 |
teams (Debian, RedHat, SuSE). |
22 |
|
23 |
- Get official CVE compatibility |
24 |
|
25 |
We completed the first steps towards that goal. |
26 |
|
27 |
-- |
28 |
Thierry Carrez (Koon) |
29 |
Operational Manager, Gentoo Linux Security |
30 |
-- |
31 |
gentoo-dev@g.o mailing list |