Re: new features in package CVS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 31.01.2007 10:41, Christian Iseli wrote:

On Wed, 31 Jan 2007 09:47:05 +0100, Patrice Dumas wrote:

Why not have a default of open access? It would allow to follow the
guidelines:

http://fedoraproject.org/wiki/Extras/Policy/WhoIsAllowedToModifyWhichPackages#afterinclude

(As a side note, I don't see a reason to restrict acces to the cvs in general
case: when roles are clearly defined people don't mess with others
packages, even though they have access).

+1


Yes and no IMHO.
As I said somewhere else some weeks ago: I'd prefer some kind of wiki-like-style approach for my packages and the repo in general. But well, a real wiki scheme simply is not possible, as everyone could modify stuff in CVS, put a Trojan into some package, build it. Then it gets pushed and a lot of systems will get infected quickly :-/ 


I semi understand that a few very specific packages are really
sensitive stuff (kernel, gcc, basic system security stuff), but the
rest is just ... well ... like what we already have in Extras.
Just wondering: are those really that more "sensitive" then the rest? Yes, those are probably on most systems out there, so placing something bad in one of those (and getting it out to the users) might be more attractive than in other packages -- but we don't want bad stuff in lesser used packages, too. 

My 2 cent on the whole issue:
- give everyone (and especially new contributors that just got sponsored) write access everywhere is to dangerous (remember: The "hit CTRL+C at the right moment and no commit mails will be send"-problem is afaik still unfixed!) - have restrictive ACLs that only allows owners to modify stuff is to restrictive and makes stuff to complicated
Proposed middle ground (that was discussed here in the past days already): create a *big* group (Sponsors, FESCo Members, Packaging Committee members and some long term Red Hat employees and packages) and give them write access everywhere while new contributors get only write access where they need it. 

CU
thl

--
Fedora-maintainers mailing list
Fedora-maintainers@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-maintainers

--
Fedora-maintainers-readonly mailing list
Fedora-maintainers-readonly@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
[Index of Archives]     [Fedora Users]     [Fedora Development]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]

  Powered by Linux