New packages should not be added to CloudRouter unless they have undergone a security review. New packages will be assessed against the following criteria:
- Is the upstream actively maintained?
- Does the upstream have a process for providing security patches and advisories?
- Do any services provided by the package run as an appropriate unprivileged user?
- Does CloudRouter have sufficient resources with appropriate knowledge to provide security support for the package?
- Optional: does a quick manual penetration test reveal any serious vulnerabilities?
- If the package includes native binaries:
  - Are they all compiled from source?
  - Does the specfile include appropriate compiler hardening flags?
  - Are they appropriately segregated by architecture?

The following contributors are currently authorized to approve or reject new packages from a security perspective: David Jorm, Paul Gampe, Arun Neelicattu.