Re: The New Security Build Infrastructure
>>"Jason" == Jason Thomas <jason@debian.org> writes:
Jason> if there is a conflict the social contract should be updated.
Jason> On Sat, Jun 08, 2002 at 10:56:16PM +0100, Stephen Stafford wrote:
>>
>> This is the way it is with security, it is that way for some very good
>> reasons. We either accept it, or we don't *get* the advance notice and
>> chance to release security updates. That *would* conflict with our social
>> contract as it would most definitely *not* be looking after the best
>> interests of our users.
What conflict? Immediate disclosure would mean that Debian
users would forever more be excluded from benefiting from security
advisories in a timely fashion; since developers would have to start
trying to do security fixes _after_ public announcements, and would
be days behind every other distribution.
manoj
--
The human mind treats a new idea the way the body treats a strange
protein -- it rejects it. Medawar
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: