Sender: |
|
Date: |
Thu, 5 Sep 2019 08:54:47 -0500 |
Reply-To: |
|
Message-ID: |
|
Content-Transfer-Encoding: |
7bit |
Subject: |
|
From: |
|
Content-Type: |
text/plain; charset=utf-8; format=flowed |
In-Reply-To: |
|
MIME-Version: |
1.0 |
Comments: |
|
Parts/Attachments: |
|
|
That is a good question!
I'll talk to folks internally about getting that set as "always security".
Pat
On 9/4/19 6:55 PM, Kraus, Dave (GE Healthcare) wrote:
> Random observation of the day - why is scap-security-guide not one of the packages that always goes into security when it is updated?
>
> Given that selinux updates are (per the FAQ), that is...
>
> I guess that selinux is more active at runtime, and scap-security-guide/openscap is passive might be a good argument. And the FAQ does cover it.
>
> Not trying to start any arguments, just wondering.
>
> Our spin is going into an LTM phase per a change in direction from our management, and revisiting the whole security updates for prior releases policy. And we do push use of openscap and the scap-security-guide, which gets good enhancements that should be backward compatible.
>
> Ah well, as I said, not trying to start an argument, and just something that sunk into my head today...
>
--
Pat Riehecky
Fermi National Accelerator Laboratory
www.fnal.gov
www.scientificlinux.org
|
|
|