[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#815675: ITP: ftpbackup -- Script to backups your data from a Debian system to a ftp space

Nikolaus Rath <Nikolaus@rath.org> writes:

> Alright. In your opinion, what should be the standard for getting
> something packaged into Debian?

Just because something does not get included in Debian, doesn't stop you
from packaging it and distributing it outside Debian.

In fact, in this case, it has certain advantages. You can release a new
version whenever you want. You can require user's to have the latest
version to get support. Debian is not stuck trying to support a legacy
version in stable until LTS support ends. The security team is not stuck
trying to patch security vulnerabilities in an obsolete version that the
upstream maintainer lost interest in years ago. etc.

I haven't seen the code myself, however one of the comments was:

  "just having whitespace in the destination directory will lead to a
  crash, set -e is not used, and errors are redirected to /dev/null"

This sounds to me like a recipe for security problems.
-- 
Brian May <bam@debian.org>
Reply to: