@jengelh: while I agree with you with regard to what a company such as Microsoft would do, it's not like Fedora/RedHat treated this incident in a way that makes it stand out when compared to other standards.
The Debian server compromise of 2003 was handled much more promptly and in a better fashion, and should be taken as an example and standard for comparison in my opinion. Taking a look at the history of the 2003 compromise may be a good way of understanding what I am talking about:
Posted Aug 26, 2008 1:01 UTC (Tue) by jspaleta (subscriber, #50639)
Thanks for the pointers to the deb incident. I think this will make for an excellent point of discussion for Fedora policy.
-jef
Fedora, Red Hat, and distributor security
Posted Aug 26, 2008 5:45 UTC (Tue) by sbergman27 (guest, #10767)
"""
I think this will make for an excellent point of discussion for Fedora policy.
"""
Please do let us know how it goes and what comes of the discussion.
Fedora, Red Hat, and distributor security
Posted Aug 28, 2008 9:54 UTC (Thu) by hadess (subscriber, #24252)
And there's no mention in there of the fact that Red Hat people helped diagnose the intrusion (if that's the Debian intrusion I remember; it might well have been another one).
And it's easier to report on a break-in when the problem has been diagnosed. It's most likely still being diagnosed and plugged before the full timeline is made public.