
Re: Does Debian need to enforce a better Security policy for packages?

Michael Robinson <robinson@netrinsics.com> writes:

> FreeBSD does it for their ports tree.  In fact, this has been a
> matter of controversy, as the FreeBSD team issues a huge number of
> security advisories for software that really has nothing to do with
> FreeBSD. This has caused casual observers to erroneously believe
> FreeBSD is less secure than other less carefully managed operating
> system projects.

I believe this would not be reasonable for the Debian distribution,
but you could create a customized and secure Debian version where you
do a source code audit before accepting any package. Or maybe it could
be done with another APT tree?

well, just my 2 cents
