[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Libapache-mod-backhand: load balancing Apache requests.

Scripsit James Bromberger <james@rcpt.to>
> In December, 2000, the mod_backhand author wrote to me:

> > You, of course, don't need my permission to make it up into=20
> > a debian package (given the license,) but I appreciate you asking! =20
> > I would be delighted if you packaged and maintained the debian=20
> > package for mod_backhand. =20

> The debian package has not had any modified code; only the build system=20
> (makefiles, autoconf). Is this derrived? I don't think so;

It might be a good idea to get explicit permission to apply bug fixes
and (especially since we're talking server software) security fixes
without waiting to contact the author.

I don't think the standard Debian packaging tools will allow automatic
security fixing if the fixed package cannot have the same name as the
original.

The alternative to getting such a permission would be that if a
security problem is found and the author is not available
IMMEDIATELY, Debian must release a "fix" that takes out the unsafe
code by replacing it with a do-nothing binary - much to the chagrin
of the users, I imagine.

-- 
Henning Makholm                          "What has it got in its pocketses?"
Reply to: