[illumos-Developer] security issues

Roland Mainz roland.mainz at nrubsig.org
Wed Dec 8 07:26:18 PST 2010


On Wed, Dec 8, 2010 at 4:23 PM, Roland Mainz <roland.mainz at nrubsig.org> wrote:
> On Wed, Dec 8, 2010 at 3:45 PM, Jerry Jelinek <jerry.jelinek at joyent.com> wrote:
>> Back when Sun was doing OpenSolaris they were
>> plugged into the various agencies, such as CERT,
>> which issue advance notification when a security
>> hole has been found.  Sun could then quickly address
>> the bug and issue a patch.
>> Has anyone given any thought to how this might work
>> now?  Is it up to each distro to deal with these problems
>> or is there some way we could all leverage common
>> work through Illumos?  Does anyone know how to get
>> Illumos plugged into the various places which track these
>> security holes before they are widely published?
>
> AFAIK we need two things:
> 1. The bugtracker needs a boolean/checkbox which says "this bug is a
> security issue and must only (initially) to a rstricted group of

"... security issue and must only be (initially) visible to a
restricted group of..."
(sorry, forgot to read the email a 2nd time... ;-( )

----

Bye,
Roland

-- 
  __ .  . __
 (o.\ \/ /.o) roland.mainz at nrubsig.org
  \__\/\/__/  MPEG specialist, C&&JAVA&&Sun&&Unix programmer
  /O /==\ O\  TEL +49 641 3992797
 (;O/ \/ \O;)



More information about the Developer mailing list