Re: Bug#241689: I'm going to NMU this

To: debian-devel@lists.debian.org
Subject: Re: Bug#241689: I'm going to NMU this
From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
Date: Sat, 04 Sep 2004 20:11:09 +0200
Message-id: <[🔎] 87hdqdgb0i.fsf@mrvn.homelinux.org>
In-reply-to: <[🔎] 87r7piro9w.fsf@glaurung.internal.golden-gryphon.com> (Manoj Srivastava's message of "Sat, 04 Sep 2004 11:29:15 -0500")
References: <E1C1QyD-00085t-2y@dual> <1093796769.15494.25.camel@descent.netsplit.com> <874qmlhnwq.fsf@mrvn.homelinux.org> <20040829182218.GD20591@bignachos.com> <87r7poeoyf.fsf@mrvn.homelinux.org> <87r7poeoyf.fsf@mrvn.homelinux.org> <20040831030919.GG458@riva.ucam.org> <E1C25aQ-0000jY-00@sledge.mossbank.org.uk> <E1C25aQ-0000jY-00@sledge.mossbank.org.uk> <[🔎] E1C2ZTX-0006KX-5x@torres.ka0.zugschlus.de> <[🔎] E1C2nyw-0004hH-00@sledge.mossbank.org.uk> <[🔎] E1C3GsN-0004KJ-LF@q.bofh.de> <[🔎] 87sm9ztdw2.fsf@glaurung.internal.golden-gryphon.com> <[🔎] 873c1zrus4.fsf@deneb.enyo.de> <[🔎] 87r7piro9w.fsf@glaurung.internal.golden-gryphon.com>

Manoj Srivastava <srivasta@debian.org> writes:

> On Fri, 03 Sep 2004 21:56:27 +0200, Florian Weimer <fw@deneb.enyo.de> said: 
>> From a formal point of view, it's certainly not acceptable
>> that someone who's been denied membership tries to bypass these
>> safeguards.

Note that there were one rejected person (me), two non DDs and 5 DDs
directly involved in that group of buildds. Also the buildds were
setup following the recommendations in the big buildd flameware a
while back to setup our own wanna-build to work without of James
wanna-build. Noone ever mentioned that buildds must be sanctioned or
any other restrictions for them.

Calling it bypassing safeguards makes it sound like a malice act in my
opinion and does not apply here.

>> It's quite unfortunate that this problem shows up at this particular
>> time, though.
>
>>> If a third of our build network was not trusted by the delegates in
>>> charge of Debian's buildds, the solution is to get more trusted
>>> buildd machines, not to shove packegs in wily nilly.
>
>> Trust is only loosely related to quality.
>
> 	Quite. But a trusted (they are not likely to maliciously
>  inject code into packages) but incompetent (uhh, what's linux?)
>  entities are unlikely to find acceptance. So the selection criteria
>  is broader than just security concerns.

Since buildds don't do anything creative but just compile trust is the
only thing that should apply to the buildd. Competence and social
skills would apply to the buildd admin but that person already has to
be a DD.

MfG
        Goswin

Reply to:

Follow-Ups:
- Re: Bug#241689: I'm going to NMU this
  - From: Russ Allbery <rra@stanford.edu>
- Re: Bug#241689: I'm going to NMU this
  - From: Florian Weimer <fw@deneb.enyo.de>

References:
- Re: Bug#241689: I'm going to NMU this
  - From: Marc Haber <mh+debian-devel@zugschlus.de>
- Re: Bug#241689: I'm going to NMU this
  - From: Steve McIntyre <steve@einval.com>
- Re: Bug#241689: I'm going to NMU this
  - From: Marc Haber <mh+debian-devel@zugschlus.de>
- Re: Bug#241689: I'm going to NMU this
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: Bug#241689: I'm going to NMU this
  - From: Florian Weimer <fw@deneb.enyo.de>
- Re: Bug#241689: I'm going to NMU this
  - From: Manoj Srivastava <srivasta@debian.org>

Prev by Date: Re: if you guys are really worried about a Ken Thompson-style hack in gcc
Next by Date: Re: Bug#241689: I'm going to NMU this
Previous by thread: Re: Bug#241689: I'm going to NMU this
Next by thread: Re: Bug#241689: I'm going to NMU this
Index(es):
- Date
- Thread