Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 4 Jun 2014 09:58:43 +0400
From: Solar Designer <solar@...nwall.com>
To: Ramon de C Valle <rdecvalle@...are.com>
Cc: oss-security@...ts.openwall.com,
	VMware Security Response Center <security@...are.com>,
	Monty Ijzerman <mijzerman@...are.com>
Subject: Re: Request for linux-distros subscription

On Tue, Jun 03, 2014 at 01:16:47PM -0700, Ramon de C Valle wrote:
> I can attest that Monty is my colleague and the Manager of VMware Security Response Center. As a former colleague of you (Kurt) and also former linux-distros subscriber, I would like to ask for your consideration for subscribing Monty (or myself) to linux-distros on behalf of VMware. Although ESXi isn't a Linux distribution, it implements Linux-compatible system calls and provides a GNU/Linux -like ecosystem that allows many applications that are compiled on/for Linux operating systems to run seamlessly. This ecosystem includes OSS that should be supported in timely fashion pretty much like like any other Linux distribution on the list. It also implements a Linux kernel module interface and uses many Linux device drivers and kernel modules that also should be supported. In addition, ESXi is the base layer that many of the Linux distributions on the list rely upon and run atop of in many datacenters around the world.

Thank you, Ramon.  This is pretty good rationale, but I feel that
getting VMware onto linux-distros for the reasons given above would be a
(possibly desirable) change in who the list is for.  So far, it's been
for Linux distros, and I deliberately chose the linux-distros name for
it.  Now a non-Linux-distro wants to be specifically on linux-distros
(not just on distros), and be exposed to Linux-specific vulnerability
details (albeit for good reasons).  I'd appreciate comments by others
active in this community.

Does VMware have OSS products?  Would it be reasonable to include VMware
security advisory/contact details on our wiki?

http://oss-security.openwall.org/wiki/vendors

If there are specific OSS products with their own advisory/contact
details (different from VMware's catch-all), they may be added to:

http://oss-security.openwall.org/wiki/software

This sort of info could help us evaluate your request.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ