Date: Thu, 31 Jan 2013 10:34:41 -0500 From: Corey Bryant <coreyb@...ux.vnet.ibm.com> To: kernel-hardening@...ts.openwall.com CC: Anthony Liguori <aliguori@...ibm.com>, Frank Novak <fnovak@...ibm.com>, George Wilson <gcwilson@...ibm.com>, Joel Schopp <jschopp@...ux.vnet.ibm.com>, Kevin Wolf <kwolf@...hat.com>, Warren Grunbok II <grunbok@...ibm.com> Subject: Secure Open Source Project Guide In light of events like this http://lwn.net/Articles/535149/ "China, GitHub and the man-in-the-middle (Greatfire)", we are thinking that a guide for securing open source projects is needed. For example, recommending pull requests or commits be PGP signed are a few things we've discussed that could defend against a MITM attack inserting malicious code. Does anyone have any thoughts as to where we could publish such a guide? Perhaps the Linux Foundation? I believe we have the resources on this mailing list to work through the details and put together a succinct guide that we could take to a wider audience. -- Regards, Corey Bryant
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.