Re: expanded + clarified "differences from Debian" wiki section
On Thu, May 9, 2013 at 11:59 AM, nick black wrote:
> systemd has replaced sysvinit.
This may happen in Debian for jessie, at least for the Linux-based
architectures.
> SELinux and TCP wrappers are not supported. The former almost certainly introduces security problems
Do you have any specific issues in mind here? If so it would be a good
idea to get CVEs and patches issued for them.
> Hardening flags are not considered universally desirable.
Is the performance difference really that large?
> Patching the upstream sources is strongly frowned upon
Likewise in Debian, we even codified that in our social contract:
http://www.debian.org/social_contract
We do take a pragmatic approach when upstream is unresponsive or for
other reasons though.
> use of --fail-missing or an equivalent is strongly encouraged
It might be interesting to make that the default in a future debhelper
compat level.
> updates would be detected on upstream servers, ... repacked, all without user intervention
The advantage of having humans involved here is that they can make
judgements about the updates.
--
bye,
pabs
http://wiki.debian.org/PaulWise
Reply to: