[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: The New Security Build Infrastructure

>>"Jason" == Jason Thomas <jason@debian.org> writes:

 Jason> if there is a conflict the social contract should be updated.
 Jason> On Sat, Jun 08, 2002 at 10:56:16PM +0100, Stephen Stafford wrote:
 >> This is the way it is with security, it is that way for some very good
 >> reasons.  We either accept it, or we don't *get* the advance notice and
 >> chance to release security updates.  That *would* conflict with our social
 >> contract as it would most definitely *not* be looking after the best
 >> interests of our users.

	What conflict? Immediate disclosure would mean that Debian
 users would forever more be excluded from benefiting from security
 advisories in a timely fashion; since developers would have to start
 trying to do security fixes _after_ public announcements, and would
 be days behind every other distribution.

 The human mind treats a new idea the way the body treats a strange
 protein -- it rejects it. Medawar
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: