Re: Bad press related to (missing) Debian security
On Mon, Jun 27, 2005 at 01:10:10PM -0500, Adam Majer wrote:
> are happy the fix will not mess up current functionality. How many
> people do we need on the actual security team? The current listing states,
> # Security Team -- <firstname.lastname@example.org>
> /member/ Martin Schulze
> /member/ Wichert Akkerman
> /member/ Daniel Jacobowitz
> /member/ Michael Stone
> /member/ Matt Zimmerman
> /secretary/ Noah Meyerhans
> /secretary/ Steve Kemp
> Is this enough?
I expect it would be enough if they were all active, but that has never been
the case for this group. Wichert, Daniel, Michael and myself are all de
facto inactive for various reasons, and have been for some time.
The security team has always been a difficult one to expand. A strong level
of trust is necessary due to confidentiality issues, and security support is
a lot of (mostly boring and thankless) work. However, expanding it seems
like the only way to make it sustainable.