oss-sec mailing list archives
Re: Thoughts about security of Linux distributor collaboration platforms, bugtrackers for opensource software
From: Florian Weimer <fw () deneb enyo de>
Date: Sat, 13 Feb 2016 13:22:09 +0100
* halfdog:
Data communicated in the final 2 weeks is secured but I am worried about the 6 month centralized, structured and unencrypted communication before that, which might be not so hard to tap into.
We generally avoid sitting on vulnerabilities for extended periods. I doubt many open-source communities would turn away contributors based on their employment or nationality. I would find that extremely discriminatory. If people are willing to help, you welcome them, and eventually, this can lead to sharing sensitive security information with them.
Current thread:
- Thoughts about security of Linux distributor collaboration platforms, bugtrackers for opensource software halfdog (Feb 12)
- Re: Thoughts about security of Linux distributor collaboration platforms, bugtrackers for opensource software Scotty Bauer (Feb 12)
- Re: Thoughts about security of Linux distributor collaboration platforms, bugtrackers for opensource software halfdog (Feb 13)
- Re: Thoughts about security of Linux distributor collaboration platforms, bugtrackers for opensource software Florian Weimer (Feb 13)
- Re: Thoughts about security of Linux distributor collaboration platforms, bugtrackers for opensource software halfdog (Feb 13)
- Re: Thoughts about security of Linux distributor collaboration platforms, bugtrackers for opensource software Hanno Böck (Feb 13)
- Re: Thoughts about security of Linux distributor collaboration platforms, bugtrackers for opensource software Kristian Fiskerstrand (Feb 13)
- Re: Thoughts about security of Linux distributor collaboration platforms, bugtrackers for opensource software Scotty Bauer (Feb 12)