On Mon, 2012-01-30 at 08:02 -0500, Brad Spengler wrote:
> Frankly it makes more sense for me to offer .debs myself than to deal
> with a bureaucracy and non-standard kernel in Debian. It contains
> who-knows-what extra code, and I doubt anyone looked at any of it to see if
> it allows for some way to leak information I prevent against a vanilla
> kernel, or a way to bypass any other existing protection. There's more
> to security (a whole-system concept) than just the ripping of individual
> features.
Well I guess it's always more difficult to integrate with something
(upstream or as here the rules from Debian)... but I guess this way one
would have the best chances that many users can/will use it and,
moreover, that it could become the default some day.
When (Debian) users have to take patches or packages from a 3rd party
site ("yours")... they'll typically face more problems,... not only
patching/compiling on their own, but they also lack the support of the
community.
Cheers,
Chris.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature