[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [all candidates] Advertising testing and security support

On 19/03/13 at 23:52 +0100, Jérémy Bobbio wrote:
> Hi!
> Lucas wrote in his plateform:
>   For example, we have been providing a fairly good rolling release for
>   almost 13 years with testing, but we totally fail at advertising it as
>   something supported and usable by end users.
> Even if a dedicated team is supposed to care about security in
> testing [1], the dedicated mailing-list [2] has not seen an announcement
> since February 2011.
> Dear candidates, do you think it would be wise to advertise `testing` as
> a usable distribution to our users given that state of affairs? Given
> that our security support for stable is already not as best as it could
> be, do you think we should encourage volunteers to be more active in
> security support for testing? Do you have ideas on how to attract more
> volunteers to the dull, hard, and sometimes boring tasks of taking care
> of security issues in Debian?

First, having security support for testing with the same (high :) )
quality as for stable would be great, of course.

But I don't think that this is a prerequisite for advertising testing as
a rolling release.
- We would need to state clearly how security support for testing happens
  (mostly through unstable, etc.)
- We could discourage the use of 'testing' on multi-user systems or
  Internet servers. it's quite likely that the main use of testing will
  be desktops/laptops anyway.

Note that some successful distros have more restricted/focused security
- (AFAIK) the Ubuntu Security team only issues updates for packages in
  the 'main' component. the 'universe' component is (supposed to?) be
  supported by the community.
- (AFAIK) Linux Mint relies on Ubuntu's security support

Finally, I think that it's a chicken and egg problem, too: if we
advertise testing as a recommended alternative for users, it is more
likely that people will be interested in helping with its security


Reply to: