Hi, Jacob Appelbaum wrote (27 Jul 2014 14:24:53 GMT) : > On 7/27/14, intrigeri <[email protected]> wrote: >>> How shall we scope the audit? What do you have in mind? >> >> Everything that relies on privilege separation (see sudo >> configuration) could be worth looking it. In particular, I'm thinking >> of the incremental upgrades security design and implementation.
> I'm happy to look at the sudo rules but I don't know very much about > the incremental upgrades. If you want to talk about it, I'm certainly > open to looking into it. The incremental upgrades design is pretty well documented [1] if one asks me, and it includes a security discussion. I've no experience with how one shall audit such a complex system, but I guess that the first step would be to review the design in isolation, then to verify that the implementation does what the design doc says, and then try and find implementation-specific issues. Note that we're aware of certain limitations, that are not worth reporting again, unless there's new info regarding their severity: see the tickets with the "Incremental upgrades" category on Redmine. [1] https://tails.boum.org/contribute/design/incremental_upgrades/ Cheers, -- intrigeri _______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
