[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: *seconded* Re: Bits (Nybbles?) from the Vancouver release team meeting



On Wednesday 16 March 2005 13:55, Wouter Verhelst wrote:
> Op wo, 16-03-2005 te 12:09 +1000, schreef Anthony Towns:
> > The reason for the N = {1,2} requirement is so that the buildds can be
> > maintained by Debian, which means that they can be promptly fixed for
> > system-wide problems, and which means access to them can be controlled,
> > rather than opening up users of that architecture to exploits should a
> > random disgruntled non-developer have access to the machine and decide
> > to abuse it, eg.

[...]

> I can understand these concerns, and they are valid; but there are
> better ways to tackle them. Requiring that the machines are owned and
> hosted by Debian Developers, rather than random non-developers, for
> example, could be a better idea than to impose some arbitrary
> restriction that has no real value; buildd hosts don't necessarily need
> to be part of the debian.org network to be able to do what they need to
> do.

Another factor might be security support:

At least one buildd (plus hot-standby) must be available [under strict 
DSA/Security administration] which is fast enough to build security updates 
without infringing on vendor-sec embargoes.
 

Regards, David
-- 
- hallo... wie gehts heute?
- *hust* gut *rotz* *keuch*
- gott sei dank kommunizieren wir über ein septisches medium ;)
 -- Matthias Leeb, Uni f. angewandte Kunst, 2005-02-15



Reply to: