Re: Crest, Kullervo & security
> Some time ago Peter Palfrader from DSA asked me by mail how to proceed with
> Crest & Kullervo. He would like to get rid off it (DSA-wise) and hand it
> over to us.
Administration can be done by us I guess.
> I mentioned this issue shortly during the Kiel Meeting and said that I would
> like to have at least one DD-accessible machine for all DDs under DSA
> control. Or at least using the LDAP from Debian.
Seconded. One machine where all developers have access by default (i.e. LDAP) is
a must.
> Another point is security support. Kullervo was used as a security buildd as
> well. Are there other security buildds? Do we need to rebuild security since
> we are now on debian-ports? How are security builds handled at the moment?
>
> My impression is that DSA wants to get rid off m68k because it's too slow,
> but having a DD accessible machine would be good for us. So, maybe if we can
> manage security for Crest and its chroots we could still use Debian LDAP but
> DSA would not need to care about m68k anymore? Would that be possible?
We cannot manage security on our own unless one of us becomes part of the
security team. Security advisories and patches are embargoed until such time as
the advisory is released.
After a security release, we can pick up the released source and build that, of
course.
Michael
Reply to: