Re: libc6_2.0.7r-3 considered harmful

To: debian-devel@lists.debian.org
Subject: Re: libc6_2.0.7r-3 considered harmful
From: "James R. Van Zandt" <jrv@vanzandt.mv.com>
Date: Wed, 8 Jul 1998 21:53:00 -0400 (EWT)
Message-id: <[🔎] m0yu5tM-0006IcC@vanzandt.mv.com>
In-reply-to: <[🔎] Pine.LNX.3.96.980705233522.180A-100000@dwarf.polaris.net> (message from Dale Scheetz on Sun, 5 Jul 1998 23:40:22 -0400 (EDT))
References: <[🔎] Pine.LNX.3.96.980705233522.180A-100000@dwarf.polaris.net>


>> IMHO We need a policy on this sort of thing, so that in future when
>> a dangerous package version gets put on the ftp sites, we can back
>> out quickly to a less broken version.
>
>While I agree, the current management of the archives makes this quite
>difficult, as there isn't sufficient archive space to keep every old
>version of every package, which is the only way to be "absolutely" safe.

We would not need that much space.  I proposed to expire old packages
after a week or so.  That way, we need only 200 MB or so.  The
recovery would be:

      1) If the maintainer can upload a new fixed package immediately,
         then install that.

      2) Otherwise, if the previous package has not expired yet, then
         install that.

      3) Otherwise, damage the broken package, so nobody can install
         it.  Maybe something like this: 
                echo "placeholder for fixed package to be uploaded \
         soon" > foopackage-1.2-3.deb

                               - Jim Van Zandt


--  
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: libc6_2.0.7r-3 considered harmful
  - From: Dale Scheetz <dwarf@polaris.net>

Prev by Date: Re: The XDM trap
Next by Date: Re: FreeAmp/eMusic
Previous by thread: Re: libc6_2.0.7r-3 considered harmful
Next by thread: Re: libc6_2.0.7r-3 considered harmful
Index(es):
- Date
- Thread