On Thu, 17 Jun 2010 20:57:56 +0200, Ananda Samaddar <ananda@samaddar.co.uk> wrote:
1. Check for vulnerabilities 2. Know how to use PKGBUILDS and abs 3. Can spare some time to send announcements, create interim PKGBUILDs and file security issues on the bug tracker.
1. [testing] users do that 2. [testing] users, Devs and TUs (should) know this 3. see 1 and 2 IMHO, Arch's rolling release and cutting/bleeding edge kicks the need for a security team. Just do your one man thing like any testing user. The only thing I can think of in ways of security is signed packages, so write some code if you are a coder or put some time in a plan on how to achieve this instead of starting a strange vague unofficial security mailing list. If you do have a lot of security issues about arch, just flood the arch-general mailing list. If the devs see 'a lot' of messages concerning security, they might come back on the arch-security mailing list. Just be patient. -- To read: http://en.wikipedia.org/wiki/Posting_style#Bottom-posting