On Mon, Mar 20, 2006 at 05:29:16PM -0500, Mike A. Harris wrote: > IMHO, moving more and more stuff out of Core and into Extras is an > overall good idea, so long as the infrastructure is present in > _advance_ to make it easy to install the stuff that has moved to > Extras, both at OS install time and later, and without requiring > mandatory network access. ie: Fedora Extras on CD, kindof like > powertools was before, but with anaconda support for that. I think this is already the plan for FC6 and the timeframe looks right to get these parts done. But I hope one thing doesn't get lost in this transition: Mark Cox and his team have been checking RHEL and FC only until now (or has this changed?). So currently I know the software on the 5 CDs has been checked against CVEs rigorously and the security team has taken appropriate measures. I think this kind of security infrastructure is needed for moving these targeted 2/3 of Fedora Core to Fedora Extras. I'm afraid that simply assigning all of Fedora Extras to be checked as good as Fedora Core has been means more human resources which may not be available. So I see three scenarios: o packages moved to Fedora Extras are not being checked by Mark Cox and friends anymore o Mark Cox get a lot more coworkers to be able to deal with all packages in Fedora Core and Fedora Extras o Fedora Extras is split security-wise into 1st class and 2nd class citizens. From a user's POV I'd wish the second scenario would happen. -- Axel.Thimm at ATrpms.net
Attachment:
pgp3udKYZvhgF.pgp
Description: PGP signature
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
