[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Outrage at Debian dropping security for 2.1



On Sat, Sep 30, 2000 at 12:54:53AM -0700, Seth Cohn wrote:
> On Sat, 30 Sep 2000, Steve Dobson wrote:
> > Users want a stable and secure OS.
> 
> Debian comes with no warranty of fitness or otherwise.
> If you break it, you get to keep both pieces.
I like that -- I must remember it 8-)

> > We need to define a reasonable period over which we support
> > both the stable and the obsolete versions. 
> 
> No, 'we' don't.  The security team does.  If they truly made a decision
> that 'Debian' as a whole disagreed with, then someone will ask for a vote
> on it, or other remedy.  But I doubt it.
Okay, maybe `we' don't.  My point was that it would help our users if they
knew well in advance how long then had to upgrade when a new version is
released.  If this time period is set by the security team I'm happy
with that.

> > I believe that six months is a reasonable time frame 
> > for overlay support given our 2 year release cycle.
> 
> Ok, congratulations.  You want to volunteer to maintain Slink for 6
> months?  Go for it.  You have the sources, you have the tools.  You will
> even have some of the knowledge, because as security issues are
> discovered, people will typically issues patches.  Apply them, and have
> fun.  Maybe someone will pay you to do it.  Maybe not.  Maybe someone else
> will volunteer time.  Maybe you will do it 'officially,' probably not.
> 
> Red Hat charges for support.  Red Hat charges for the 'official'
> software.  Red Hat sells contracts, and pays employees to work on things.
> Debian is not Red Hat, and shouldn't be held to the same standards.
> 
> If you want to start a company up, maybe ODORS inc. (Organized Debian
> Obsolete Release Support), have at it.  You might be able to make some
> money at it.  I don't tbink it will be a fun job, but that's why you get
> paid for it.
> 
Since my last posting I had a somewhat similar thought.  Debian is a 
Free Software Project.  But it is ``Free'' as in speech - not ``Free''
as in beer.  (I have spent way to much time drinking with one of GNU
guys.)  The price of Debian then is that long term support for obsolete
releases isn't there.

Live long and prosper.
(Reference to my auto generated sig -- it came up by chance -- I didn't
 do anything to pick it (other than put it in my signify DB -- Honest)
-- 
                                Steve Dobson steve.dobson@krasnegar.demon.co.uk

I am pleased to see that we have differences.  May we together become
greater than the sum of both of us.
		-- Surak of Vulcan, "The Savage Curtain", stardate 5906.4

Attachment: pgpQFRBuqwlXg.pgp
Description: PGP signature


Reply to: