Re: Do you think this is a security risk and if not is it a bad UI decision?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sat, May 04, 2013 at 04:42:58PM -0600, Kevin Fenzi wrote:
> 
> If they do decide to keep the change, you could escalate it to FESCo. 
> However, (speaking only for myself here) I would be VERY reluctant to
> override maintainers on their packages on something that is a design
> decision/judgement call. Where would we draw the line? 

I think there is a line to be drawn somewhere.  And unfortunately, in some
packages, that line probably needs to get drawn further into what the package
maintainer and software author might consider their territory than others.

I suppose for me security is probably one criteria for drawing the line.
How many people the change affects is probably another one.  This particular
change seems to hit both those criteria.  Criteria that could ameliorate
those would be how easily users could use an alternative and whether the
change is being announced at a volume to suit the amount of change it
represents.  (Security might still trump those... but as adamw said, it's
likely to depend on how much less secure I might evaluate it to be compared
to how much other benefit the feature seems to bring).

-Toshio

Attachment: pgpZi4cboFGh9.pgp
Description: PGP signature

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux