, that is). So
making these capabilities non-inheritable makes sense to me.
Comments?
--
Florian Weimer / Red Hat Product Security Team
--
security mailing list
security@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/security
folks might already have something.
--
Florian Weimer / Red Hat Product Security Team
--
security mailing list
security@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/security
are appreciated.
Do you expect that the signature algorithm restrictions will apply to
the self-signatures as well?
--
Florian Weimer / Red Hat Product Security Team
--
security mailing list
security@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/security
This was briefly discussed over on debian-devel. Would this something
Fedora might want to do, too?
Original Message
Subject: Re: Bits from the Security Team
Resent-Date: Sat, 08 Mar 2014 18:24:06 +0100
Resent-From: Florian Weimer f...@deneb.enyo.de
Resent-To: fwei
On 04/16/2014 11:33 AM, Pavel Kankovsky wrote:
Is there some way to pass on user information with IPsec?
SELinux can do it with security contexts:
http://selinuxproject.org/page/NB_Networking#Labeled_IPSec
Ah, okay, this is an option at least. Thanks.
--
Florian Weimer / Red Hat Product
we cannot update it right now. Eric has the details.
--
Florian Weimer / Red Hat Product Security Team
--
security mailing list
security@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/security
On 06/05/2014 04:41 PM, Eric H. Christensen wrote:
Who still uses 1024-bit keys? You aren't finding a CA to sign them.
By default, sshd uses 1024 bits for the protocol 1 ephemeral server key.
--
Florian Weimer / Red Hat Product Security Team
--
security mailing list
security
been initialized. I proposed a patch to add a variable under
/proc/sys, but that wasn't accepted. There have been some recent
discussions on the kernel and systemd side, but no one feels
responsible, so there hasn't been any actual progress.
--
Florian Weimer / Red Hat Product Security Team
On Fri, May 26, 2017 at 10:25 AM, Stanislav Ochotnicky
wrote:
>
> Hi folks,
>
> this is just to make sure things won't come up as a surprise. I am
> assuming there are a few things that might need to be tweaked on your
> end due to incoming Fedora modularity.
>
> I think