Re: The New Security Build Infrastructure
>>"Sam" == Sam Hartman <hartmans@debian.org> writes:
Stephen> This is the way it is with security, it is that way for
Stephen> some very good reasons. We either accept it, or we don't
Stephen> *get* the advance notice and chance to release security
Stephen> updates.
Sam> Here you argue only that it is a good idea to hide security updates,
Sam> not that doing so is consistent with the social contract. Not all
Sam> right things are by their nature consistent with the particular
Sam> document we adopted as our social contract. While saying something is
Sam> right is an argument that we should do it, it does not speak to
Sam> whether that thing follows the social contract.
Sam> It is quite possible that both hiding security updates is good and
Sam> that doing so violates the social contract. People believing such
Sam> things should introduce a GR to change the social contract and allow
Sam> hiding of security updates.
Nice generalities, but not germane to the issue in hand.
The way security advisories are structured, and the people who
issue them are the ones making these rules, is that premature
dissemination of the information shall get you excluded from the
early warnings. That is going to be extremely detrimental to Debian
users.
In situations like this, one has to actually weigh the
ramifications of both alternatives, since there are pros and cons on
either path; selecting one con from one branch and concentrating on
it with blinkers on to hide the rest of the issue is not quite
productive.
manoj
--
"I've got children", "I've got wealth." This is the way a fool brings
suffering on himself. He does not even own himself, so how can he
have children or wealth? 62
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/%7Esrivasta/>
1024R/C7261095 print CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: