[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: list of orphaned / RFA games

2008/1/11, Uwe Hermann <uwe@hermann-uwe.de>:

> Either way, pretty much all games in Debian must be assumed to have
> security bugs, but that's no reason to remove the package. On a box
> where security plays an important role (server etc) no sane admin would
> install games anyway - for very good reasons.

Even though it might be more tolerable to have a security risk in a
game than in a critical server component, I don't think we should
assume that security bugs are tolerable in any kind of packages.
They're not. Including games. We probably don't have enough resources
to check them as carefully as other more critical software components,
get rid of every security risk or even audit security issues on them
to a 100%, but it's not that we should not want to remove all of them.

Of course, as you said, no one is likely to have games installed in a
critical server, but that has nothing to do with us trying to have the
best possible operating system. And that means no security issues.
Users expect that, at least.


Reply to: