On 06/05/16 00:52, Daniel J Walsh wrote: > > > On 05/05/2016 02:10 PM, Josh Berkus wrote: >>> Currently it is not part of a product and has not has a rigorous >>> review from a security team. However, I believe our approach >>> is good, and if anyone wants a peer-reviewed setuid binary >>> for container features, it's worth considering bubblewrap! >> So I want to have a "Pop the Bubblewrap" contest which we discussed >> somewhere else. That is, let's put out a contest for users to try to >> break through bubblewrap and report the technical issues. We'll have >> some prizes. >> >> I'm happy to run the contest, and RH PR would help publicize it, but I'd >> need someone to manage it from the technical side. >> > I like the idea. We have a security review going on right now with the > Security Response team. Perhaps we should see where they are with the > review before we put out the challenge. > >
happy to help promote this from the CentOS side of things as well regards, -- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh GnuPG Key : http://www.karan.org/publickey.asc
