Hi folks, during the call today, Markus and Sunil brought up the fact that they had concerns about distributing 100 boxen to developers (projectdanube.org), and thought it would be a good idea to discuss what those concerns are. This might help us direct the 1.0 todo list as well.
To start, my concerns are that we've written Plinth and some glue code (like Augeas-lenses, FBuddy, etc.) for the project. I'm pretty sure all of these things were necessary (because nothing available in Debian did them in the coordinated way we needed them to), but I'm uncomfortable releasing externally-facing services without getting those services a proper security review. I'm sure we'll do our best, but it also feels negligent to ask people to rely on our tools without making reasonable external verifications. Nick
_______________________________________________ Freedombox-discuss mailing list Freedombox-discuss@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/freedombox-discuss