Security Model Sub-Forum Revitalization


gundamguy

Recommended Posts

What I would really like to see done, is for the Security Model form to be renamed to something akin to "Security Reports" (Which is what was mostly posted in Security Model anyway) and be actively maintained by someone at Lime-Teconology like the RoadMap. AKA when a Security Report that affects unraid pops up, post it in the Security Reports forum, and when a security patch is implemented or pushed out mark it as [solved]/[Fixed].

 

This is based on reading NAS's request from December 2014, and becuase I noticed recent confusion about where to discuss or document security notices that affect unraid, with some posting in General Support. Posting in General Support seems wrong as it'll get drowned out by every day questions, and not all users are inclined to check both general support forms for all version fo unraid. 

Link to comment
  • 1 month later...

What I would really like to see done, is for the Security Model form to be renamed to something akin to "Security Reports" (Which is what was mostly posted in Security Model anyway) and be actively maintained by someone at Lime-Teconology like the RoadMap.

 

I don't; I actually want the security reports addressed in a timely fashion.

Link to comment

Its one of the big advantages of Slackware there are almost no security announcements.

 

Is this because Slackware is really secure? Or is it because nobody bothers/is available to release a security announcement?

 

 

There can be plenty of announcements, its just that since Slackware doesn't use crap like PAM (this is a double edged sword mind you - great for fancy authentication schemes but also great for shooting yourself in the foot and security issues) there will be less exploitable vectors.

 

 

See http://www.slackware.com/security/list.php?l=slackware-security&y=2015 for 2015 bulletins so far

 

 

I run Slackware in the public internet (admittedly low traffic and personal site) and do keep a closer eye on the vulnerabilities.

Link to comment

What I would really like to see done, is for the Security Model form to be renamed to something akin to "Security Reports" (Which is what was mostly posted in Security Model anyway) and be actively maintained by someone at Lime-Teconology like the RoadMap.

 

I don't; I actually want the security reports addressed in a timely fashion.

 

I agree that would be ideal.

 

When I said "Actively Maintained like the RoadMap" what I mean is a thread is open when  secruity report is known, and then someone from LimeTech posts "Fixed in XXXXXXXX" and closes the thread when a fix has been implemented... not really suggesting that these things should linger, just that it should be better documented.

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.