On 29/10/14 13:27, James Bulpin wrote:
George Dunlap writes ("Security policy ambiguities - XSA-108 process
post-mortem"):
[snip]
As far as I can tell we basically have the following options:
1. Never allow people to deploy during the embargo period.
2. Always allow people to deploy during the embargo period.
3. Have the security team attempt to evaluate the risk.
4. Have individual cloud operators evaluate the risk.
This seems like a recipe for disaster.
1 and 3 seem like a recipe for disaster as organizations and individual people
who have become aware of issues may have legal and other obligations to their
users, it would also add a fairly strong incentive for a large operator not
to share any issues that they, or a contractor, had found until they had
completed a mitigation.
Perhaps:
5) Have the security team discuss with the discoverer if fixes should be
permitted during the embargo period before the discovery is announced to
the list.
J.
_______________________________________________
Xen-devel mailing list
[email protected]
http://lists.xen.org/xen-devel
