From: Kristian Fiskerstrand <k_f@gentoo.org>
To: gentoo-project@lists.gentoo.org, Michael Orlitzky <mjo@gentoo.org>
Subject: Re: [gentoo-project] Re: [pre-glep] Security Project Structure
Date: Tue, 4 Dec 2018 23:17:01 +0100 [thread overview]
Message-ID: <6e4144f5-e69a-96ea-4ce7-717d1f85376b@gentoo.org> (raw)
In-Reply-To: <21194272-4039-e473-8f57-426021fb24b7@gentoo.org>
[-- Attachment #1.1: Type: text/plain, Size: 1880 bytes --]
On 12/4/18 11:05 PM, Michael Orlitzky wrote:
> On 12/4/18 4:05 PM, Kristian Fiskerstrand wrote:
>>
>> I personally don't agree with part of this section; security is
>> relative, and if it is stated to not be supported there are no security
>> assumptions. If anything the removal of these arches as security
>> supported demonstrates an active decisions not to support them, and
>> signals to users of these arches that they can't depend on security
>> information from Gentoo. Stable generally means a stable tree of
>> dependencies, without security assumptions, if this is e.g used in a
>> closed lab that likely doesn't impact much.
>>
>
> This is technically correct, but: how many users even know what a
> security-supported arch is? I would guess zero, to a decimal point or
> two. Where would I encounter that information in my daily life?
>
> If I pick up any software system that's run by professionals and that
> has a dedicated security team, my out-of-the-box assumption is that
> there aren't any known, glaring, and totally fixable security
> vulnerabilities being quietly handed to me.
>
> Having a stable arch that isn't security-supported is a meta-fail... we
> have a system that fails open by giving people something that looks like
> it should be safe and then (when it bites them) saying "but you didn't
> read the fine print!" It should be the other way around: they should
> have to read the fine print before they can use those arches.
Well, in terms of CVEs the documentation matters quite a bit, the
question isn't necessarily what any user would do ... but what a
reasonable user would do.. and a reasonable user would consider the
documented practices of a project.
--
Kristian Fiskerstrand
OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
next prev parent reply other threads:[~2018-12-04 22:17 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-04 20:55 [gentoo-project] [pre-glep] Security Project Structure Kristian Fiskerstrand
2018-12-04 21:05 ` [gentoo-project] " Kristian Fiskerstrand
2018-12-04 22:05 ` Michael Orlitzky
2018-12-04 22:17 ` Kristian Fiskerstrand [this message]
2018-12-04 22:23 ` Michael Orlitzky
2018-12-04 22:35 ` Aaron Bauman
2018-12-04 22:30 ` Aaron Bauman
2018-12-05 9:12 ` M. J. Everitt
2018-12-05 2:36 ` Christopher Díaz Riveros
2018-12-05 3:46 ` Virgil Dupras
2018-12-05 15:02 ` Mikle Kolyada
2018-12-06 22:41 ` Alec Warner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6e4144f5-e69a-96ea-4ce7-717d1f85376b@gentoo.org \
--to=k_f@gentoo.org \
--cc=gentoo-project@lists.gentoo.org \
--cc=mjo@gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox