Re: Food for thought - SECURITY (design flaw?)
On Mon, Feb 12, 2001 at 10:43:33AM -0200, Carlos Carvalho wrote:
> Andreas Tille (tillea@rki.de) wrote on 12 February 2001 11:32:
> >IMHO people of security team shouldn't spend their time to serve
> >security fixes for testing. People who want to use testing on
> >security relevant machines should know what they do and should be
> >able to handle those issues themselves. Those hazardeurs could try
> >to fix important bugs of the package which is stick to unstable for
> >whatever reason which would help the whole distribution or backport
> >the stuff themself.
>
> What's the purpose of testing exactly? If it's a preparation for
> becoming stable it should obviously include the security fixes,
> otherwise when the transition testing -> stable happens you're... If
> it's not a preparation for stable it has no purpose.
It is preparation for becoming stable, but not "on half a moment's
notice". Security fixes go into unstable and trickle into testing.
The principal, I think, is that we can throttle the packages being
allowed into testing for an easier release cycle.
Dan
/--------------------------------\ /--------------------------------\
| Daniel Jacobowitz |__| SCS Class of 2002 |
| Debian GNU/Linux Developer __ Carnegie Mellon University |
| dan@debian.org | | dmj+@andrew.cmu.edu |
\--------------------------------/ \--------------------------------/
Reply to: