[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Supporting tier-2 (was Re: COUNT(buildd) IN (2,3))

On Monday 14 March 2005 19:18, David Nusinow wrote:
> On Mon, Mar 14, 2005 at 05:57:05PM +0000, Matthew Garrett wrote:
> > Reasonable security support requires some degree of cooperation with the
> > current security team. Without that, vulnerabilities notifications won't
> > be available.
> Why can't porters join the security team? Then everyone benefits.

You are completely right. Sadly this isn't as easy as it might seem:
As far as I know from the local CERT, security teams need to sign NDAs to 
receive notifications before they are made public. 

Please also see my musings about security support in my 'Vision for the 
future' only a few mails further up this thread.

Regards, David
- hallo... wie gehts heute?
- *hust* gut *rotz* *keuch*
- gott sei dank kommunizieren wir über ein septisches medium ;)
 -- Matthias Leeb, Uni f. angewandte Kunst, 2005-02-15

Reply to: