[CentOS] bounties for exploits against CentOS?
Bennett Haselton
bennett at peacefire.org
Mon Jan 16 20:28:33 UTC 2012
On 1/16/2012 12:12 PM, John R Pierce wrote:
> On 01/16/12 10:34 AM, Bennett Haselton wrote:
>> With companies like Facebook and Google offering cash prizes for people
>> who can find security holes in their products, has there ever been any
>> consideration given to offering cash rewards to people finding security
>> exploits in CentOS or in commonly bundled services like Apache?
> companies like facebook and google have significant(!!) cash flow.
> centos is a volunteer project. from where would this prize money come?
>
> you'd do better addressing this question to Redhat Enterprise Linux,
> anyways, since CentOS's goal is to be a near exact copy, bugs and warts
> included.
Well I wasn't necessarily advocating it here, just asking whether people
would feel more or less secure using CentOS if such a prize program
existed (whether run by CentOS or RHEL), and why or why not.
Bennett
More information about the CentOS
mailing list