Re: The New Security Build Infrastructure

To: "Vince Mulhollon" <vlm@norlight.com>
Cc: debian-devel@lists.debian.org
Subject: Re: The New Security Build Infrastructure
From: Mark Eichin <eichin@thok.org>
Date: 19 Jun 2002 18:55:28 -0400
Message-id: <[🔎] xe1wusuev4v.fsf@swat.thok.org>
In-reply-to: "Vince Mulhollon"'s message of "Wed, 19 Jun 2002 13:59:21 -0500"
References: <[🔎] OF2BFDAC81.F30903A7-ON86256BDD.00672583@norlight.com>

> An automobile metaphor:  Ever head of the Corvair?  Ralph Nader?  "Unsafe
> at any speed"?

Another (even more) flawed analogy, as the book and campaign was
entirely based on flaws "fixed in the current release" -- so it's more
like publishing a detailed analysis of security flaws in potato after
the woody release :-)

(The secret path bothers me too, even though I'm usually "in on it"
for whatever reason, but I agree that debian needs to compromise (or
be kicked out) in this case - after all, we've got 13 years of
experience[1] with this model, that would take a lot to dislodge and
the experiment would be difficult to run, and debian probably isn't
the context in which to do it.)

[1] CERT formed in reaction to the Morris incident.


-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: The New Security Build Infrastructure
  - From: "Vince Mulhollon" <vlm@norlight.com>

Prev by Date: Re: SuSE, Caldera, Connectiva and TurboLinux to do a new distribution togerther?
Next by Date: Re: Little things make the initial install experience painful
Previous by thread: Re: The New Security Build Infrastructure
Next by thread: Antigen found =*.exe file
Index(es):
- Date
- Thread