On Tue, Jun 29, 2010 at 12:35:19PM -0400, Joey Hess wrote:
> This apparently well-meaning idea that we can improve Debian's
> security etc by talking people out of doing jobs that they have
> volunteered to do, and are doing, is a recent trend that I really
> don't understand.


On Tue, Jun 29, 2010 at 01:34:46PM -0400, Michael Gilbert wrote:
> I really hope I haven't come across this way.  It was certainly not
> my intention.  Like I said in my first post to this discussion, I think
> a debate on the merit of the status quo with respect to the mozilla
> packages is greatly needed right now.  If the result of this debate is
> maintaining the status quo, then that's just fine with me, but at least
> all of the dirty laundry has been aired, and an informed decision made.

Well, I confess that it did come across that way also to me, and
probably to many others. The impression was something like: “someone not
working on iceweasel security in Debian is trying to convince someone
else which is working on that, not only to stop, but also to throw out
of the Debian main archive iceweasel all together”.

Try looking at it that way for a minute and you surely understand how
surreal the debate looked like from the outside :-)

> As for my non-involvement in mozilla security, that actually isn't
> true.  I actually spent a great deal of effort to triage all of the
> mozilla issues in the security tracker about a year ago, and submitted
> bugs for the open ones. However, as a user, I have no access to
> mozilla patches, so I could go no further.  I did what I could to
> improve mozilla security, then I just simply lost interest because I
> found webkit to be actually tractable.

To the risk of repeating myself, Debian is a do-ocracy: who does the
work and does it well (as in this case!) gets the right to decide. If
you stopped working on iceweasel security, you kind of gave up your
rights of directly affecting the course of the package.

I'm sure that for a package as big and complex as iceweasel Mike and
Eric could use every single pair of helping hands: get involved again
and your "greatly needed debate" will have a much higher impact.
(That was written without iceweasel maintainers' permission, though.)

Besides, we all thank you for your security triaging activity for
Mozilla-related package: that helps other users way more than removing
their favorite browser from the main archive.


Stefano Zacchiroli -o- PhD in Computer Science \ PostDoc @ Univ. Paris 7
z...@{upsilon.cc,pps.jussieu.fr,debian.org} -<>- http://upsilon.cc/zack/
Dietro un grande uomo c'è ..|  .  |. Et ne m'en veux pas si je te tutoie
sempre uno zaino ...........| ..: |.... Je dis tu à tous ceux que j'aime

Attachment: signature.asc
Description: Digital signature

Reply via email to