[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Social Contract GR's Affect on sarge

On Mon, Apr 26, 2004 at 10:48:50PM +0200, Florian Weimer wrote:
> Manoj Srivastava <srivasta@debian.org> writes:
> > 	We have ,often, failed to follow the social contract in the
> >  past, though this was the first wilful violation I recall.
> Non-communication of security bugs (and the supporting infrastructure)
> is at the border of a SC violation, too.
> The Social Contract has not just one clause, and might be necessary to
> weigh one against the other (as we do with security bugs).

Uh, no, it's not. We have paragraphs under the headings for a reason:

  3. We Won't Hide Problems

     We will keep our entire bug-report database open for public view at all
     times. Reports that users file on-line will immediately become visible
     to others.

We do keep our entire bug-report database open for public view; and
reports that users file are immediately visible to others. This clause
isn't violated by the security team's practices, and there aren't any
"weighings" being made.


Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
Don't assume I speak for anyone but myself. GPG signed mail preferred.

Protect Open Source in Australia from over-reaching changes to IP law
http://www.petitiononline.com/auftaip/ & http://www.linux.org.au/fta/

Attachment: signature.asc
Description: Digital signature

Reply to: