Re: Introducing security hardening features for Lenny
On Wed, 2008-01-30 at 00:21 +0100, Moritz Muehlenhoff wrote:
> Thomas Bushnell BSG wrote:
> > For my money, you blew it. You don't bootstrap a discussion by
> > presenting a pseudo-official email like the one you posted. But we can
> > get back to that discussion: cancel the email by saying "whoops, we're
> > not ready yet" and then having the discussion first.
> Of course we've discussed this in depth internally before before
> proposing it and there was no intention to make it sound "official".
> There is no need to become aggressive.
I'm sorry for my tone.
I know that it was discussed internally; but what I mean is that it
needs to be discussed externally as the next step, long before it
becomes the expected practice.
If there were not important trade-offs, then it wouldn't matter, but the
problem is that some of these options do impose significant costs.