Re: Supporting tier-2 (was Re: COUNT(buildd) IN (2,3))
On Monday 14 March 2005 19:18, David Nusinow wrote:
> On Mon, Mar 14, 2005 at 05:57:05PM +0000, Matthew Garrett wrote:
> > Reasonable security support requires some degree of cooperation with the
> > current security team. Without that, vulnerabilities notifications won't
> > be available.
> Why can't porters join the security team? Then everyone benefits.
You are completely right. Sadly this isn't as easy as it might seem:
As far as I know from the local CERT, security teams need to sign NDAs to
receive notifications before they are made public.
Please also see my musings about security support in my 'Vision for the
future' only a few mails further up this thread.
- hallo... wie gehts heute?
- *hust* gut *rotz* *keuch*
- gott sei dank kommunizieren wir über ein septisches medium ;)
-- Matthias Leeb, Uni f. angewandte Kunst, 2005-02-15