Re: Fedora 13 Release Candidate Phase

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Adam Williamson wrote:
> Really? I don't think there's *that* many cases where a negative piece
> of karma is filed between the submission and the push which you'd want
> to ignore.

I think there are actually very many. We get a lot of invalid -1 votes for 
KDE updates (issues which have been there for ages, issues which have been 
caused by a completely unrelated update which happened to hit testing or 
stable at the same time) etc.

It'd also open the doors to effectively DoS updates.

> And even in the rare cases when that happens, if we warn or even unsubmit
> the update, it's not like you can't do anything about it. If we make it a
> warning...ignore the warning. If we make it withdraw the update...just
> submit it again. I'm having a hard time seeing that fall apart.

It means that a well-timed -1 can cause the update to miss the push (which 
is already a forced delay and thus a form of DoS), then it can be done again 
at the next push, ad infinitum, instant DoS.

> I don't really mind requiring bug numbers for negative karma (though, if
> anything, I reckon that'd have *more* problematic corner cases in
> itself). But I'm not sure it's really necessary for this.

I think it actually won't solve the problem at hand. The bug pointed to 
might not actually be caused by the update (see the first paragraph), or it 
could even be a dummy bug filed by a malicious DoSer.

        Kevin Kofler

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux