[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: NMU'ing for wishlist bugs? (aka: intent to NMU bind9)

> It's been over 3 months since I submitted a patch for bind9, to
> implement named running as a non-root user by default (#149059).  I 
> tested the patch, and hoped to get some feedback (_any_ real feedback)
> from the maintainer; I have not gotten any.  So, unless anyone has some
> serious objections, I will NMU bind9.  It is embarrassing that we still,
> to this day, ship a bind9 package that runs as root by default
> (especially given bind's track record, wrt security).

Sorry for the delay in getting into the discussion....  I just took over
from Bdale as maintainer for bind9, and have been walking through the
defects trying to get a full grasp of where to spend the time.

There is more to chrooting a daemon than just specifying a userid, and
that work is in my queue.  It will probably be 2-3 of weeks before I can
get the package uploaded, though, due to travel.

> On a related note, with the new NMU policies set in place during woody's
> freeze, how are NMU's that fix wishlist bugs viewed?  I would expect
> that they'd be frowned upon, unless they add an important/heavily
> desired feature, and don't break anything.. but I figured I'd ask, just
> to clarify (as this isn't the only wishlist patch of mine that's being
> ignored by the maintainer..).

I try to stick to important or higher for my NMU's.  Your mileage may vary.


Reply to: