[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Relaxing testing requirements (was: summarising answers toVancouver critique)

martin f krafft dijo [Fri, Mar 18, 2005 at 12:57:54PM +0100]:
> > The security team is under-staffed *now*, AFAICT; and you want to increase
> > their workload for etch on the assumption that nothing bad will come of it?
> No, I said we should stock the security team, which I meant to read
> as: add more man-power.

Why has this not happened yet? This has been a known problem for quite
a long time...

The answer is simple: Not everybody can become a security team member,
the required technical skills are quite high. There is a VERY high
commitment requirement as well, so even some of the skilled people do
not become part of the security team. Besides _that_, most people
agree that creating new code is more fun than patching existing code,
so even less people step into that position.

Remember this is a volunteer project. I know of no extra volunteers
willing to take up such a task as Security. You repeatedly talk about
adding man-power to it. So... Are you in?


Gunnar Wolf - gwolf@gwolf.org - (+52-55)1451-2244 / 5554-9450
PGP key 1024D/8BB527AF 2001-10-23
Fingerprint: 0C79 D2D1 2C4E 9CE4 5973  F800 D80E F35A 8BB5 27AF

Reply to: