[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Open then gates (was: UPG and the default umask)

Hash: SHA512

Am Sa den 15. Mai 2010 um  1:18 schrieb Stefano Zacchiroli:
> On Sat, May 15, 2010 at 01:57:05AM +0200, Christoph Anton Mitterer wrote:
> > Klaus Ethgen wrote:
> > > A black day in the security of Debian. Well.. One more.
> > Absolutely true,... :-(
> Guys, IMHO you really need to stop ranting contentlessly.

Oh, I will not make any more comment to that decision. Maybe I will
search for a more secure distribution. This decision is much to much.
And it is the last straw that breaks the camels back. Debian was was my
favorite distribution for over ten years now but in the last time the
concessions to colourful systems where user simplification goes over
security is the wrong way.

Christoph did say it with the right words, just start to use Windows as
base for the distribution. Sorry, but this is more and more the picture
I have of Debian.

> Either you reply to the technical arguments in favor of the change
> that have been made (e.g. by Russ Allbery in this thread,

Oh, there was technical arguments in the thread. But they was just
ignored. But there was just one reason to make the umask that more
insecure, and this is a very special usecase. Compared to the technical
arguments against the change this has nearly no weight. (I was myself in
the situation that I had to setup a directory for collaboration work.
But this didn't need to set the umask of all members to a insecure

> or you shut up.

So, either you have the same opinion than the mop or you have to shut
up, I see.

> If that's asking too much, please at least understand that messages like
> the ones I've quoted above don't add anything to the discussion, and
> will just piss off people, reducing in general the willingness to
> contribute to Debian. Is that what you want?

If they destroy a distribution, yes!

> To that end, mails like the above surely don't help.

That might be. But they show when someone resigns.

For me, that means to take my consequences. Not all people are
experienced enough to do that.

Best wishes
- -- 
Klaus Ethgen                            http://www.ethgen.de/
pub  2048R/D1A4EDE5 2000-02-26 Klaus Ethgen <Klaus@Ethgen.de>
Fingerprint: D7 67 71 C4 99 A6 D4 FE  EA 40 30 57 3C 88 26 2B
Version: GnuPG v1.4.10 (GNU/Linux)


Reply to: