[GLLUG] RedHat spooked ?

Richard W.M. Jones rich at annexia.org
Thu Jul 3 22:10:21 UTC 2014

On Thu, Jul 03, 2014 at 07:57:29PM +0100, Christopher Hunter wrote:
> I'm led to believe that this has already been done, but by a couple
> of governments!

Lots of people with good and bad intentions are looking for security
holes in software.

Some things Red Hat do:

- Run Coverity (a proprietary static analysis tool) over the
  code in RHEL, fix the bugs, AND submit the fixes upstream
  so everyone benefits.

- Use SELinux as a second line of defence.  We employ 2 people full
  time just writing SELinux policies.

- Develop compiler hardening features upstream, and enable
  them in Fedora & RHEL.

- Pay a security team to deal with the inevitable security problems
  that will happen despite all of the above.

Most importantly compared to proprietary and
not-very-committed-to-the-open-thing companies, all the code we
publish is available as source, upstream first, so you can download
it and find out how it