On Sat, 2006-04-01 at 21:40 +0200, Thorsten Leemhuis wrote: > Am Sonntag, den 02.04.2006, 00:57 +0530 schrieb Rahul Sundaram: > > > > You are certainly allowed as a individual to post such warnings to the > > list. Just make it explicit that you are posting not on behalf of the > > project when it is controversial. Warren Togami for example made a > > announcement on the arrangement he had with Macromedia for a flash > > repository. > > That's would be my opinion, too. > > Cu > thl I feel that we have a responsibility to inform our users when security is an issue even for items we do not provide that we are sure that a majority of our end users in that segment might have the item installed. I feel that flash would apply to the desktop segment of our target markets. As for where these messages and how they are distributed is a bigger question. I feel they should be visible enough that the effected users will see the messages. Would posting a message about flash be right to a list of server administrators? I do not think so. Is there a current web space that users can look for security issues that may apply to them? If not is this something that should be created and maintained by the community at large? If it does how can we promote this resource so users are aware can do research and can make wise choices? -- Robert 'Bob' Jensen <bob@xxxxxxxxxxxxx> Fedora Unity Project
Attachment:
signature.asc
Description: This is a digitally signed message part
