Re: Security features in the upcoming release (Stretch)

To: "debian-security@lists.debian.org" <debian-security@lists.debian.org>
Subject: Re: Security features in the upcoming release (Stretch)
From: Reed Black <reed@unsafeword.org>
Date: Fri, 23 Sep 2016 10:42:02 -0700
Message-id: <[🔎] CAESArwmT4KHOKA7yU00POZ_a0RAvo3rfqo6A7amXARfQ-k6n3A@mail.gmail.com>
In-reply-to: <[🔎] a92388c89012c71c8a0ec94fe7f048b2.squirrel@tarcanfel.org>
References: <[🔎] 1474636915917.186384.e8fac4e3530962f08764edd62faadac90c8442b5@spica.telekom.de> <[🔎] a92388c89012c71c8a0ec94fe7f048b2.squirrel@tarcanfel.org>

On Fri, Sep 23, 2016 at 6:42 AM, Jonathan Hutchins <hutchins@tarcanfel.org> wrote:

It is difficult for me to rationalize a serious concern for "security"
with the idea that one should lie back and expect the packaging team to
take care of it all for you. If you are concerned with security, you
should be actively configuring security features yourself, not expecting
that someone else has the same priorities that you do.

Advance notice of what's landing helps an engineer know what to focus on, and where work would be duplicated. Resources are finite. That includes time. Not everything needs to be done in house in order to be "serious."

Reply to:

Follow-Ups:
- Re: Security features in the upcoming release (Stretch)
  - From: Richard Owlett <rowlett@cloud85.net>

References:
- Security features in the upcoming release (Stretch)
  - From: "m.largo@t-online.de" <m.largo@t-online.de>
- Re: Security features in the upcoming release (Stretch)
  - From: "Jonathan Hutchins" <hutchins@tarcanfel.org>

Prev by Date: Re: Security features in the upcoming release (Stretch)
Next by Date: Re: Security features in the upcoming release (Stretch)
Previous by thread: Re: Security features in the upcoming release (Stretch)
Next by thread: Re: Security features in the upcoming release (Stretch)
Index(es):
- Date
- Thread