We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Taking an inspiration from https://www.nist.gov/itl/executive-order-improving-nations-cybersecurity/critical-software-definition-explanatory and https://www.nist.gov/itl/executive-order-improving-nations-cybersecurity/critical-software-definition-faqs#Ref_FAQ3, could we use the techniques from #41 to identify additional projects that operate on the network or run with privileges, at least on Linux systems?
Examples from debtags include: https://debtags.debian.org/reports/facets/security (n=900) and https://debtags.debian.org/reports/taginfo/works-with::network-traffic (n=100) as well as https://debtags.debian.org/reports/taginfo/admin::user-management (n=100) and https://debtags.debian.org/reports/taginfo/admin::virtualization (n=400)
debtags
Another approach involves using privilege definitions. Using package manifests and full paths merged with, e.g.:
https://gitlab.com/apparmor/apparmor-profiles/-/tree/master/ubuntu/20.04 https://github.com/netblue30/firejail/tree/master/etc
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Taking an inspiration from https://www.nist.gov/itl/executive-order-improving-nations-cybersecurity/critical-software-definition-explanatory and https://www.nist.gov/itl/executive-order-improving-nations-cybersecurity/critical-software-definition-faqs#Ref_FAQ3, could we use the techniques from #41 to identify additional projects that operate on the network or run with privileges, at least on Linux systems?
Examples from
debtagsinclude: https://debtags.debian.org/reports/facets/security (n=900) and https://debtags.debian.org/reports/taginfo/works-with::network-traffic (n=100) as well as https://debtags.debian.org/reports/taginfo/admin::user-management (n=100) and https://debtags.debian.org/reports/taginfo/admin::virtualization (n=400)Another approach involves using privilege definitions. Using package manifests and full paths merged with, e.g.:
https://gitlab.com/apparmor/apparmor-profiles/-/tree/master/ubuntu/20.04
https://github.com/netblue30/firejail/tree/master/etc
The text was updated successfully, but these errors were encountered: