[arch-general] Arch Linux security is still poor....
Magnus Therning
magnus at therning.org
Tue Mar 16 00:12:59 CET 2010
On 15/03/10 23:03, Xavier Chantry wrote:
> On Mon, Mar 15, 2010 at 11:42 PM, Magnus Therning <magnus at therning.org> wrote:
[..]
>>> 2) resume and finish the gpg work for pacman & friends
>>
>> Sure, that is worth doing. Is it really a task for a dedicated security team?
>> It sounds more like a one-time thing for a group of developers.
>>
>
> This is also true.. more or less. It does not matter how the people doing
> the work are called.
> There is no one writing code, no one giving technical advices, no one
> testing. There are only users asking for signed packages.
I'd argue it *is* important what you call them.
In one case one would ask for some developer(s) to dedicate some time during a
limited period, while in the other one is asking for on-going commitment.
I think it's *crucial* to position the proposal correctly. Getting a feature
implemented in pacman is likely to be easier than getting a group of people to
sign up for a task that never ends. Though I'm not saying either will be
easy.
/M
--
Magnus Therning (OpenPGP: 0xAB4DFBA4)
magnus@therning.org Jabber: magnus@therning.org
http://therning.org/magnus identi.ca|twitter: magthe
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-general/attachments/20100315/7707d835/attachment.bin>
More information about the arch-general
mailing list