Hi! Our good friend Eric Yang has been at it again: spreading FUD about Bigtop: https://s.apache.org/KglM
Nothing new, aside from this quote:

====================================================
Bigtop contains /lib/lsb/init-functions which will import redhat-lsb-core which imports exim. Exim is known for common root escalation vulnerability. If you value your cluster security, I would recommend to think twice before using BigTop.
====================================================

Could someone who's dealt with security for real (Olaf -- your name came to mind immediately) please comment on that JIRA thread? Typically I wouldn't feed Eric 'the troll' Yang, but I think having this type of allegation in a public record could be pretty bad for us.

Thanks,
Roman.
