
Re: Debian Social Contract.



On Wed, Jan 16, 2002 at 07:15:09PM -0600, T.J. Duchene wrote:
> Please excuse my appearing to barge in, as I am not yet a member of the 
> Debian Project, but it seems to me that the "no hide" part of the Debian 
> Contract is a statement of principle.
> 
> It should be honored.  By not honoring it, developers take the risk of 
> damaging Debian's reputation.  If a security hole endangers machines, 
> everyone needs to know, because I can assure you that the kind of people who 
> take advantage of them do not keep the secret from each other - often posting 
> holes publicly for others to see.
> 
> If Debian doesn't post these promptly, and people get the information some 
> place else - thinking:

What makes you think Debian hides these things? We do no such thing. We
post security updates to security-announce, and announce on many
full-disclosure sites as well.


Ben

-- 
 .----------=======-=-======-=========-----------=====------------=-=-----.
/                   Ben Collins    --    Debian GNU/Linux                  \
`  bcollins@debian.org  --  bcollins@openldap.org  --  bcollins@linux.com  '
 `---=========------=======-------------=-=-----=-===-======-------=--=---'


