[arch-dev-public] How to integrate Sheriff and Arch?

Hugo Doria hugodoria at gmail.com
Wed Oct 15 13:57:01 EDT 2008


A few days ago I showed Sheriff [1]. IMHO it is a good tool to help us
improve Arch's security.

What is missing now is a way to integrate Sheriff with Arch and mark a
vulnerability as fixed.

It would be great if we could add a field in PKGBUILD to indicate that
it fixed a vulnerability. It could be a comment (as the 'Contributor'
tag works) or even a new variable (fix=('vulnx' 'vulny')).

All this, of course, leads to some other things, such as a commitment to
correct flaws or the creation of a security team. I do not know. I am
open to suggestions and would really like to know what you guys think
about it and if you think it is worth it.

[1] http://dev.archlinux.org/~hugo/sheriff/

-- Hugo
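
An added illustration of the fix=() variable proposed in the message above; it is not part of the original post and is not Sheriff, pacman or makepkg code. It reads the array out of a PKGBUILD as text and reports which ids from a list are not marked as fixed. The function names, the list file format and the sample PKGBUILD are constructed assumptions.

```shell
#!/bin/sh
# Added example: read the proposed fix=() array from a PKGBUILD as text.
# A PKGBUILD is a bash script, so it is parsed here, never sourced.

# Print one id per line from fix=(...); the array may span several lines.
pkgbuild_fixes() {
    tr -d "\"'" < "$1" | awk '
        /^[ \t]*#/ { next }                             # skip comment lines
        !inarr && /^fix=\(/ { inarr = 1; sub(/^fix=\(/, "") }
        inarr {
            closed = sub(/\).*/, "")                    # array ends on this line
            n = split($0, ids, /[ \t]+/)
            for (i = 1; i <= n; i++) if (ids[i] != "") print ids[i]
            if (closed) inarr = 0
        }'
}

# Print the ids listed in file $2 (one per line) that PKGBUILD $1 does not
# claim to fix. The list file format is an assumption of this example.
unfixed_ids() {
    fixes=$(pkgbuild_fixes "$1")
    while IFS= read -r id; do
        [ -n "$id" ] || continue
        printf '%s\n' "$fixes" | grep -Fxq -- "$id" || printf '%s\n' "$id"
    done < "$2"
}

# Constructed sample input: not a real package, not real advisories.
sample_dir=$(mktemp -d)
trap 'rm -rf "$sample_dir"' EXIT
cat > "$sample_dir/PKGBUILD" <<'EOF'
pkgname=example
pkgver=1.0
pkgrel=2
# fix=('commented-out')
fix=('vulnx'
     "vulny")
build() { :; }
EOF
printf '%s\n' vulnx vulny vulnz > "$sample_dir/open.txt"

unfixed_ids "$sample_dir/PKGBUILD" "$sample_dir/open.txt"   # prints: vulnz
```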


