Thursday, September 2, 2010

More secure SUSE Gallery

This week we introduced an important feature to SUSE Gallery — the appliance security summary. It is displayed for every published appliance and is designed to help you better understand what the appliance contains. This is useful for security reasons as you can easily see if the appliance contains any sources where undesirable code might slip in. It also provides a quick overview of the appliance’s contents.

Appliance security summary

The security summary will tell you if the appliance contains:

  • unofficial software sources (repositories)
  • custom software packages
  • overlay files (especially executable ones)
  • custom scripts that run after boot

Of course, the presence of any of these does not mean that the appliance is unsafe — many regular and completely safe appliances will have some yellow warning icons displayed in the summary. But it gives you some hints and more control. If you ever encounter any unsafe appliance, simply report it. We will take it down immediately and flag the appliance creator’s account accordingly.

1 comment:

  1. I know I can't suggest here new things, but even if I send feedback I get no response.

    Please, we need an option for easy branding. Like this:

    · A branding tab, then a list of programs that can be branded (OpenOffice, Firefox, etc...)

    · Then, people click in the program and upload pictures of all the things (splash screens, etc...)

    · The branding packages are uploaded in our personal repos.

    And, about the post, this may scare users. What you must do is to check if the scripts, etc... are MALICIOUS. Not reporting all!

    My opinion.


© 2013 SUSE