What does Archlinux team does for security

LTSmash · 2009-01-17 00:53:45

Following this thread, i got a question about what is Archlinux doing to improve overall security, since it doesn't has a security team:

http://bbs.archlinux.org/viewtopic.php?id=62093&p=1

Can anybody tell?

Thanks.

pyther · 2009-01-17 02:30:22

I don't think arch does anything specifically for security parse. Mainly arch tries to be bleeding edge, as well as staying fairly stable. So when there is an upgrade upstream it gets updated in arch. Usually security fixes are introduced into new packages. Of course, with new packages there are new security issues, sometimes. I think this is something that comes with arch.

With that said, the developers try to stay as vanilla as possible. However, if there is a majority security risk I believe the developers try to patch that. I think patching security holes is mainly left up to the maintainer of the package.

Hopefully a dev can give more of a insight.

EDIT: Fixed typo's and grammar (and I probably still missed...)

Last edited by pyther (2009-01-17 02:32:36)

Allan · 2009-01-17 02:35:27

Mainly, keep our packages up to date. That fixes most security issues.

Edit: and as pyther said, if a patch is available from upstream to fix a security issue, then it will likely get applied in the absence of a new release.

Ranguvar · 2009-01-17 03:40:47

Since Arch is all rolling release (very little need to backport security fixes), and follows - mostly - a no-patch policy except for those security problems, there's very little to be done. It's handled, as it should be, upstream.

Arch Linux

#1 2009-01-17 00:53:45

What does Archlinux team does for security

#2 2009-01-17 02:30:22

Re: What does Archlinux team does for security

#3 2009-01-17 02:35:27

Re: What does Archlinux team does for security

#4 2009-01-17 03:40:47

Re: What does Archlinux team does for security

Board footer