diff options
Diffstat (limited to 'zarb-ml/mageia-dev/2011-August/007567.html')
| -rw-r--r-- | zarb-ml/mageia-dev/2011-August/007567.html | 148 |
1 files changed, 148 insertions, 0 deletions
diff --git a/zarb-ml/mageia-dev/2011-August/007567.html b/zarb-ml/mageia-dev/2011-August/007567.html new file mode 100644 index 000000000..451c3e1cd --- /dev/null +++ b/zarb-ml/mageia-dev/2011-August/007567.html @@ -0,0 +1,148 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-dev] Status report for Mageia 1 updates, and call for?help from you packagers + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%0A%20%3D%3Fiso-8859-1%3Fq%3FStatus_report_for_Mageia_1_updates%3D2C%3F%3D%0A%20%3D%3Fiso-8859-1%3Fq%3F_and_call%3D09for%3D3Fhelp_from_you_packagers%3F%3D&In-Reply-To=%3C201108261750.54714.maarten.vanraes%40gmail.com%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="007564.html"> + <LINK REL="Next" HREF="007506.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-dev] Status report for Mageia 1 updates, and call for?help from you packagers</H1> + <B>Maarten Vanraes</B> + <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%0A%20%3D%3Fiso-8859-1%3Fq%3FStatus_report_for_Mageia_1_updates%3D2C%3F%3D%0A%20%3D%3Fiso-8859-1%3Fq%3F_and_call%3D09for%3D3Fhelp_from_you_packagers%3F%3D&In-Reply-To=%3C201108261750.54714.maarten.vanraes%40gmail.com%3E" + TITLE="[Mageia-dev] Status report for Mageia 1 updates, and call for?help from you packagers">maarten.vanraes at gmail.com + </A><BR> + <I>Fri Aug 26 17:50:54 CEST 2011</I> + <P><UL> + <LI>Previous message: <A HREF="007564.html">[Mageia-dev] Status report for Mageia 1 updates, and call for?help from you packagers +</A></li> + <LI>Next message: <A HREF="007506.html">[Mageia-dev] Something wrong with binrepo? +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#7567">[ date ]</a> + <a href="thread.html#7567">[ thread ]</a> + <a href="subject.html#7567">[ subject ]</a> + <a href="author.html#7567">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>Op vrijdag 26 augustus 2011 12:49:40 schreef Samuel Verschelde: +><i> Le vendredi 26 août 2011 12:33:34, nicolas vigier a écrit : +</I>><i> > On Fri, 26 Aug 2011, Maarten Vanraes wrote: +</I>><i> > > but don't you have to test it that it actually works? +</I>><i> > +</I>><i> > And you don't know how to run an exploit ? +</I> +I have never done this before, perhaps secteam needs training for such? + +><i> > It's interesting that when there is some work to be done, you never know +</I>><i> > how to do anything, but it's never a problem to talk about anything like +</I>><i> > an expert, give your opinion about everything, say what should be done, +</I>><i> > how it should be done, etc ... +</I> +Yes, that is interesting. + +I think it's only natural for people to have an opinion, and i know you do +alot of work on Mageia, but not everyone can do as much as you, and it's not +because i sometimes say a few things on IRC that i'm not doing anything. + +boklm: I must say that i feel like i have to defend myself, to your post: +1. i don't think i speak "like an expert", but if you attribute this to me, i +can only think of this as a compliment, as people who speak like experts are +imho people who evidently know what they are talking about. + +2. none the less, even if i'm not planning on putting any time in somethign, +that doesn't refrain me from speaking my opinions, and i think i can determine +which solution is a quick & dirty fix, and which is a good one, IMHO. i supply +it, you're free to ignore it. + +3. as everyone, i too have priorities, even though mageia is high on it, it's +still below RL with wife and kids. as an estimate, except for IRC time, during +day and the meetings, as a reference, i think i can spend about 10-15hours on +mageia per week. + +4. even though my dayjob is in IT Security, i have never done penetration +testing or hacked someone. My priorities or on development and server +maintenance. None the less, as a "sysadmin" (dayjob), i am very interested +about stable systems, updates & security patches. + +5. i'm sure you know it'm a still a novice packager, but being a novice +packager doesn't refrain me to "package", and i "maintain" my packages as far +as i'm able to in the best of my abilities. Maybe Anssi is a stricter mentor +than others, but i see no issue with that. + +6. this may be a bad comparison, but it was my understanding that any +contribution, how small though it may be, is still valued. If you think my +contribution is not enough, or if you feel that i should just shut up if i +don't plan to spend some time on that, then i guess it's tough luck for you. +at least i'm contributing to something, i'm sure there's people reacting which +don't contribute at all. but as i said, you're free to ignore my advice. + +I hadn't planned on reacting to such posts, to not fill up the mailing list +with unecessary stuff as you so pointed out to me, but too much is too much, if +there are accusations (i perceive your post as such, though maybe i'm wrong, +please tell me if i am), i WILL defend myself. + +(imho, accusations shouldn't be on public mailing lists though) + +><i> Well, AL13N is just saying what the current policy is, see +</I>><i> <A HREF="http://www.mageia.org/wiki/doku.php?id=updates_policy#roles">http://www.mageia.org/wiki/doku.php?id=updates_policy#roles</A> +</I>><i> +</I>><i> "Security team" : "Design POC (Proof Of Concept) if necessary/possible to +</I>><i> test whether updated build is immune to issue" +</I> +indeed, it's a requirement that i think is wanted. + +><i> Now, if the policy needs to be changed and security fixes no more need to +</I>><i> be verified when they can be, it will be less work for everybody, but also +</I>><i> a lower security level (people make mistakes). +</I>><i> +</I>><i> Best regards +</I>><i> +</I>><i> Samuel Verschelde +</I> +</PRE> + + + + + + + + + + + + + + + + + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="007564.html">[Mageia-dev] Status report for Mageia 1 updates, and call for?help from you packagers +</A></li> + <LI>Next message: <A HREF="007506.html">[Mageia-dev] Something wrong with binrepo? +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#7567">[ date ]</a> + <a href="thread.html#7567">[ thread ]</a> + <a href="subject.html#7567">[ subject ]</a> + <a href="author.html#7567">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev +mailing list</a><br> +</body></html> |