Re: goals for hardening Debian: ideas and help wanted
Marko Randjelovic <markoran@eunet.rs> writes:
> I added this:
> "Debian policy should require that in every source package all security
> packages should be clearly marked as such in standard and easily
> parsable way with optional further references."
I don't agree with this statement. I think there are far more important
things to document in Policy that haven't yet been documented there than
creating new rules about patch naming. Note that, currently, Debian
Policy doesn't require that you use separated patches *at all*, nor should
it given that there is not project consensus for requiring that source
package representation.
I'm fine with putting such a guideline somewhere advisory, such as the
Developer's Reference, but I don't think Policy is the document you're
looking for.
--
Russ Allbery (rra@debian.org) <http://www.eyrie.org/~eagle/>
Reply to: