Re: Arch Linux security is still poor....

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Mon, Mar 15, 2010 at 11:42 PM, Magnus Therning <magnus@xxxxxxxxxxxx> wrote:
>>
>> 1) what allan said :
>> A group could monitor security issues and file bugs to get the devs to
>> fix them.
>
> Is there any evidence that this is actually needed?
>

No, Allan asked for some numbers, and I am curious too.

> My impression is that maintainers already are monitoring upstream releases.
> When they are lagging, there are users who mark things out-of-date.  The
> occasional non-maintainer upload doesn't seem to warrant a dedicated team.
>
>> 2) resume and finish the gpg work for pacman & friends
>
> Sure, that is worth doing.  Is it really a task for a dedicated security team?
> It sounds more like a one-time thing for a group of developers.
>

This is also true.. more or less. It does not matter how the people
doing the work are called.
There is no one writing code, no one giving technical advices, no one testing.
There are only users asking for signed packages.


[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux