Re: Why not push to stable?

To: Andreas Barth <aba@not.so.argh.org>, debian security <debian-security@lists.debian.org>
Subject: Re: Why not push to stable?
From: Dale Amon <amon@vnl.com>
Date: Wed, 30 Jun 2004 01:51:16 +0100
Message-id: <[🔎] 20040630005116.GB29169@vnl.com>
In-reply-to: <[🔎] 20040626192723.GB9988@mails.so.argh.org>
References: <[🔎] 20040626111804.GA3615@cirrus.madduck.net> <[🔎] 20040626122934.GE14254@mathom.us> <[🔎] 20040626124140.GA4770@cirrus.madduck.net> <[🔎] 20040626124254.GH14254@mathom.us> <[🔎] 20040626125247.GA5013@cirrus.madduck.net> <[🔎] 20040626133133.GA22100@antiochcomputerconsulting.com> <[🔎] 20040626134943.GA5967@cirrus.madduck.net> <[🔎] 20040626192723.GB9988@mails.so.argh.org>

On Sat, Jun 26, 2004 at 09:27:23PM +0200, Andreas Barth wrote:
> * martin f krafft (madduck@debian.org) [040626 15:55]:
> > Note that I am not trying to undermine or criticise or change the
> > Debian security policy. I just want to understand it.

Let's say you have your own internal corporate release.
You have a policy in place that requires you to be able
to identify precisely what the internal state of your
thousands of machines are. Or perhaps you are a facility
that audits things and you do your own secret fixes 
(for instance if you were a government security agency).

You want to at all times have a stable, known base to
start from to apply *your own* fixes. You do not want
stable to be changing underneath you every second day.
If it does, you will go stark raving mad trying to
keep your internal facilities and patches and applications
synced.

Debian is doing this the correct way. Stable is just
what it says on the label: stable. It is a base you
can build on and it won't change underneath you.

-- 
------------------------------------------------------
   Dale Amon     amon@islandone.org    +44-7802-188325
       International linux systems consultancy
     Hardware & software system design, security
    and networking, systems programming and Admin
	      "Have Laptop, Will Travel"
------------------------------------------------------

Reply to:

References:
- Why not push to stable?
  - From: martin f krafft <madduck@debian.org>
- Re: Why not push to stable?
  - From: Michael Stone <mstone@debian.org>
- Re: Why not push to stable?
  - From: martin f krafft <madduck@debian.org>
- Re: Why not push to stable?
  - From: Michael Stone <mstone@debian.org>
- Re: Why not push to stable?
  - From: martin f krafft <madduck@debian.org>
- Re: Why not push to stable?
  - From: Phillip Hofmeister <plhofmei@antiochcomputerconsulting.com>
- Re: Why not push to stable?
  - From: martin f krafft <madduck@debian.org>
- Re: Why not push to stable?
  - From: Andreas Barth <aba@not.so.argh.org>

Prev by Date: Re: Shorewall bug
Next by Date: I hope we can help you feel better
Previous by thread: Re: Why not push to stable?
Next by thread: full disclosure, or not?
Index(es):
- Date
- Thread