On Thu, 17 Jun 2010 20:57:56 +0200, Ananda Samaddar
<ananda@xxxxxxxxxxxxxx> wrote:
1. Check for vulnerabilities
2. Know how to use PKGBUILDS and abs
3. Can spare some time to send announcements, create interim PKGBUILDs
and file security issues on the bug tracker.
1. [testing] users do that
2. [testing] users, Devs and TUs (should) know this
3. see 1 and 2
IMHO, Arch's rolling release and cutting/bleeding edge kicks the need for
a security team. Just do your one man thing like any testing user. The
only thing I can think of in ways of security is signed packages, so write
some code if you are a coder or put some time in a plan on how to achieve
this instead of starting a strange vague unofficial security mailing list.
If you do have a lot of security issues about arch, just flood the
arch-general mailing list. If the devs see 'a lot' of messages concerning
security, they might come back on the arch-security mailing list. Just be
patient.
--
To read: http://en.wikipedia.org/wiki/Posting_style#Bottom-posting
