
Re: Intent to hijack Bacula



On Thu, May 11, 2006 at 01:09:11PM +0200, Roberto Lumbreras wrote:
> rover, Jose Luis's sponsor and uploader of many of his packages including
> bacula, you can blame me also if you want

Others have pretty well addressed the rest of your message already.  I'd
like to expand on this point.

I've been aware that it was you that uploaded at least some of the
bacula packages for a couple of days now.  I didn't mention it, since it
wasn't directly related to getting Bacula's problems fixed.  Since you
bring it up, though, I think there is an important lesson in this.

The Bacula packages should never have been uploaded.

As sponsor, it is your duty to make sure that they meet a certain
minimum level of quality.  That they don't install a trojan on
somebody's machine, delete files from other packages, mess up other
services, etc.  Except for the trojan, Bacula actually does all of that
(including messing with DB server configs **by keying off a comment!**
and restarting a DB server without permission).

Bacula should probably never have been accepted into unstable in the
first place, and you are the person that should have prevented that.  (I
admit I haven't looked at the 2004 packages, but certainly the more
recent ones that you uploaded had serious flaws.)

DDs that sponsor uploads must ensure that the code they upload is
decent.

And no, unstable is not a dumping ground for everything that is crappy
and broken.  Unstable is for code that should eventually make it into
stable but hasn't been proven with the wider community yet.  If you
believe code wouldn't be suitable for a stable release, you shouldn't
upload it into unstable.

-- John


