On 01/28/2016 04:29 PM, Elmar Stellnberger wrote: > Now there are different opinions about this: > Some people certainly estimate comments, questions and discussion about > security issues which do not solely pertain to updates of packages for > already known security issues. Allowing discussion about potential > security risks is also an important issue though certain package > maintainers and arch-security personnel may feel discomforted about such > discussions. Nonetheless I would believe such discussion to be > worthwhile and important. first at all: please follow the general Arch Linux mailinlist rules and always bottom-post. Also I would like to state that you still have the possibility to do so, you can safely discuss anything Arch Linux related (which includes security) on arch-general. That is (and was) already done in the history, most recent threads f.e.: "AppArmor on linux-grsec" [0], "pacman signature verification" [1], "SELinux on Arch" [2]... In my opinion I don't feel like we are urged to have a separate list as most of the time the topics blur the line and splitting it does not provide much benefit. On 01/28/2016 04:29 PM, Elmar Stellnberger wrote: > P.S. Slightly off-topic: my sincerest gratitude to everyone behind the > security announcements! You're doing a great job, and this is not just > empty words. > Thank you very much, that is appreciated and makes us happy... however to be pedantic: Most of the work needs to be done before any announcements, that is just the (smallest) final step :) cheers, Levente [0] https://lists.archlinux.org/pipermail/arch-general/2016-January/040516.html [1] https://lists.archlinux.org/pipermail/arch-general/2016-January/040505.html [2] https://lists.archlinux.org/pipermail/arch-general/2016-January/040479.html
Attachment:
signature.asc
Description: OpenPGP digital signature
