Re: security in testing
On Fri, May 16, 2003 at 05:35:01PM -0400, Stephen Frost wrote:
> It would be a start and I think that's what is needed. It needs to be
> started by someone, and I contend *anyone* can start it, before it will
> be possible to do it in full.
The thing is: The autobuilders for testing-security are already setup.
Handling security-advisories is already semi-automatic. The
security-team already has access to vender-sec.
I'd consider it a waste of resources to duplicate this infrastructure
outside of Debian, just so that somebody we can't really trust does it.
> > Aha. And what exactly buys you being a DD in this regard? That's the
> > implementation detail I was talking about earlier. You said
> > repositories would be easier setup if one was a DD, if I'm not
> > completely mistaken?
> They're already set up if you're a DD, you just upload to the official
> Debian repository.
Ah, ok. But please consider that one cannot upload security-fixes to
testing via the official debian repository right now. testing-security
is (not) handled by the sec-team and t-p-u needs explicit approval by
the testing-RM. That's why I did not understand your point.
<skipy> welche grafische oberfläche verwendest du unter Linux ? gnome
kde oder eher fluxbox -> blackbox ..
<wolfgang> eh, gar keine. ich verwendet GNU Emacs 21 auf einem terminal
<skipy> mhh wat sind überhaupt emacs ?