| 1 |
Here is the status update for the Security team, wrt 2005 objectives. |
| 2 |
|
| 3 |
- Recruit new team members |
| 4 |
|
| 5 |
We should have two new GLSA coordinators (on probation) as soon as the |
| 6 |
recruitment freeze is over. The objective for the rest of the year is to |
| 7 |
recruit more people in US/Pacific TZ to ensure a constant watch (most |
| 8 |
current GLSA coordinators are Europe-based). |
| 9 |
|
| 10 |
- Put new procedures in place to ensure kernel security |
| 11 |
|
| 12 |
This joint venture with the kernel team is quite advanced now. The |
| 13 |
kernel security subproject has been created and the Kernel Interactive |
| 14 |
Security Status system (KISS) is in beta phase. |
| 15 |
|
| 16 |
- Improve auditing |
| 17 |
|
| 18 |
The addition of Tavis Ormandy and Rob Holland to the auditors team was |
| 19 |
very beneficial, and the number of vulnerabilities found by the Gentoo |
| 20 |
Security Audit team now competes with the top other distribution audit |
| 21 |
teams (Debian, RedHat, SuSE). |
| 22 |
|
| 23 |
- Get official CVE compatibility |
| 24 |
|
| 25 |
We completed the first steps towards that goal. |
| 26 |
|
| 27 |
-- |
| 28 |
Thierry Carrez (Koon) |
| 29 |
Operational Manager, Gentoo Linux Security |
| 30 |
-- |
| 31 |
gentoo-dev@g.o mailing list |
Archives