> > I don't know how Steve's tests behave, but:
> > 1. We can't run destructive tests (uninstalling packages, deleting
> > system
> > files, stopping services).
>
> All are read only. I have several more that do stuff like start each
> servoce and scan
> the audit logs for AVCS, then stop all serv
On Thursday, August 04, 2011 07:53:33 AM Kamil Paral wrote:
> > > Honestly, I don't know. On the one hand, I have some scripts that
> > > are good for fedora
> > > QE in general. For example, the shell error test...why would anyone
> > > purposely write
> > > shell script that does not work? This c
On 08/03/2011 07:22 PM, Steve Grubb wrote:
> Hello,
>
> I just wanted to let everyone know that I've made a number of tests available
> for
> assessing security of the distribution. It is by no means a comprehensive
> auditing
> tool, but the scripts definitely find problems.
>
> http://people.
> > Honestly, I don't know. On the one hand, I have some scripts that
> > are good for fedora
> > QE in general. For example, the shell error test...why would anyone
> > purposely write
> > shell script that does not work? This can always be fixed before a
> > release. Some tests
> > are still unde
On Wed, 2011-08-03 at 23:09 -0400, Steve Grubb wrote:
> On Wednesday, August 03, 2011 03:29:00 PM Adam Williamson wrote:
> > > I just wanted to let everyone know that I've made a number of tests
> > > available for assessing security of the distribution. It is by no means
> > > a comprehensive aud
On Wednesday, August 03, 2011 03:29:00 PM Adam Williamson wrote:
> Looks like interesting stuff. Would any of these be appropriate to be
> integrated into AutoQA so they could be run regularly?
One thing I want to emphasize, every single script on that page found real
problems in
F15. I opened
On Wednesday, August 03, 2011 03:29:00 PM Adam Williamson wrote:
> > I just wanted to let everyone know that I've made a number of tests
> > available for assessing security of the distribution. It is by no means
> > a comprehensive auditing tool, but the scripts definitely find problems.
> >
> >
On Wed, 2011-08-03 at 09:52 -0400, Steve Grubb wrote:
> Hello,
>
> I just wanted to let everyone know that I've made a number of tests available
> for
> assessing security of the distribution. It is by no means a comprehensive
> auditing
> tool, but the scripts definitely find problems.
>
> h
Hello,
I just wanted to let everyone know that I've made a number of tests available
for
assessing security of the distribution. It is by no means a comprehensive
auditing
tool, but the scripts definitely find problems.
http://people.redhat.com/sgrubb/security/
On this list, the rpm-chksec p
