Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 13 Feb 2016 13:22:09 +0100
From: Florian Weimer <fw@...eb.enyo.de>
To: oss-security@...ts.openwall.com
Subject: Re: Thoughts about security of Linux distributor collaboration platforms, bugtrackers for opensource software

* halfdog:

> Data communicated in the final 2 weeks is secured but I am worried
> about the 6 month centralized, structured and unencrypted
> communication before that, which might be not so hard to tap into.

We generally avoid sitting on vulnerabilities for extended periods.

I doubt many open-source communities would turn away contributors
based on their employment or nationality.  I would find that extremely
discriminatory.  If people are willing to help, you welcome them, and
eventually, this can lead to sharing sensitive security information
with them.

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ