Re: Packages removed from frozen

To: debian-devel@lists.debian.org
Subject: Re: Packages removed from frozen
From: Manoj Srivastava <srivasta@debian.org>
Date: 09 Feb 2000 05:30:37 -0600
Message-id: <87snz2zk82.fsf@glaurung.green-gryphon.com>
In-reply-to: David Starner's message of "Tue, 8 Feb 2000 00:37:51 -0600"
References: <20000128161610.A13321@xs4all.nl> <8766w1557j.fsf@raven.localnet> <87900wsu4l.fsf@glaurung.green-gryphon.com> <20000207142942.A14269@x8b4e53cd.dhcp.okstate.edu> <87emaoqq9n.fsf@glaurung.green-gryphon.com> <20000208003751.A22760@x8b4e53cd.dhcp.okstate.edu>

>>"David" == David Starner <dvdeug@x8b4e53cd.dhcp.okstate.edu> writes:

 >> However, this is not a dispensation that should be lightly
 >> given. Bootstrapping from scratch should be kept to a bare minimum of
 >> preinstalled packages -- the build essentials.

 David> What do you mean "dispensation"?

        In other words, as far as possible programs should be
 buildable from source, unless that is impossible, and in which
 case some extra steps should be required: asking for permissin and
 inclusio in teh security FAQW do not seem to be too onerous.

 David> You're trying to add a special rule that programs can't
 David> build-depends themselves,

        Yes, and no. Yes, we can make such a rule, and no, that is not
 what I said. Any package that can't be built from sources should
 either be a part of build depends, or on a short list of allowed
 packages, and genrally, this is to be deprecated because of security
 issues. 

 David> which isn't found or implied anywhere in the DFSG or Social
 David> Contract. In fact, it contradicts the Social Contract, which
 David> says we will support our users.

        Take a deep breath, and come off the hihg horse. I was amongst
 those that contributed to the discussion that lead to Bruce writing
 and polishing the DFSG. (BTW, policy does state we can exclude things
 if "their distribution would conflict with other project policies.",
 over and beyond the DFSG. So your high dudgeon is misplaced.)

 David> Do I think bootstrapping compilers is wise? No. But I do think that
 David> it's unfair and foolish for Debian to stop supporting them for 
 David> arbitrary reasons. If Debian has the maintainers to support, there
 David> is no reason not to include them.

        Then they should be marked as potential security risks, and we
 should tell our users about them. 

        manoj
-- 
 Life is a serious burden, which no thinking, humane person would
 wantonly inflict on someone else. Clarence Darrow
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Reply to:

References:
- Re: Packages removed from frozen
  - From: Rob Browning <rlb@cs.utexas.edu>
- Re: Packages removed from frozen
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: Packages removed from frozen
  - From: David Starner <dvdeug@x8b4e53cd.dhcp.okstate.edu>
- Re: Packages removed from frozen
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: Packages removed from frozen
  - From: David Starner <dvdeug@x8b4e53cd.dhcp.okstate.edu>

Prev by Date: Re: Packages removed from frozen
Next by Date: Re: debconf and the keyboard
Previous by thread: Re: Packages removed from frozen
Next by thread: Re: Packages removed from frozen
Index(es):
- Date
- Thread