| 2011-11-21 19:21:00 |
Jamie Strandboge |
description |
AppArmor is a Canonical supported project yet several of its binaries are in universe. Most of AppArmor is already in main; these are the binaries that are currently in universe:
- apparmor-notify
- apparmor-profiles
- libpam-apparmor
- libapache2-mod-apparmor
- python-libapparmor
These binaries meet the main inclusion requirements:
Rationale: Their placement in universe is misleading and does not reflect their level of support. Some people may choose to not use these applications because of their placement in the archive, but we should be encouraging people to use these, especially for our upcoming LTS.
Security: there are no CVEs in these packages
Quality assurance:
- no debconf questions higher than medium
- most packages have no configuration. Ones that do have extensive documentation
- no longstanding bugs affecting the package to a major degree
- Package is supported: AppArmor upstream and the Ubuntu Security team treat these as if they were supported in main.
- bugs track in Launchpad upstream project and Ubuntu
- there are testsuites for these, and AppArmor meets the recent Acceptance Criteria with daily builds and distro tests
- there is a debian/watch file
UI standards: command line
Dependencies: all in main (apparmor source and most of its binaries are already in main)
Standards compliance: follows FHS, lintian clean with exception of one manpage warning
Maintenance: these binaries are already supported by Ubuntu Security
Security: these binaries have no CVE history. No daemons, no setuid/setgid |
AppArmor is a Canonical supported project yet several of its binaries are in universe. Most of AppArmor is already in main; these are the binaries that are currently in universe:
- apparmor-notify
- apparmor-profiles
- libpam-apparmor
- libapache2-mod-apparmor
- python-libapparmor
These binaries meet the main inclusion requirements:
Rationale: Their placement in universe is misleading and does not reflect their level of support. Some people may choose to not use these applications because of their placement in the archive, but we should be encouraging people to use these, especially for our upcoming LTS.
Security: there are no CVEs in these packages. No daemons, no setuid/setgid
Quality assurance:
- no debconf questions higher than medium
- most packages have no configuration. Ones that do have extensive documentation
- no longstanding bugs affecting the package to a major degree
- Package is supported: AppArmor upstream and the Ubuntu Security team treat these as if they were supported in main.
- bugs track in Launchpad upstream project and Ubuntu
- there are testsuites for these, and AppArmor meets the recent Acceptance Criteria with daily builds and distro tests
- there is a debian/watch file
UI standards: command line
Dependencies: all in main (apparmor source and most of its binaries are already in main)
Standards compliance: follows FHS, lintian clean with exception of one manpage warning
Maintenance: these binaries are already supported by Ubuntu Security |
|
