-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, 31 Oct 2006, Stuart Herbert wrote:
On 10/31/06, Ciaran McCreesh <[EMAIL PROTECTED]> wrote:
Uh, security bugs are not the highest priority.
Would it be possible to have some arch team leaders join in this
debate? Atm, it just seems to be bouncing back and forwards between
package maintainers asking questions, and a Gentoo user filling the
void left by the responses from the arch team folks.
Well, lets use an example. If SPARC had a breakage in the system profile
and a security bug in say, phpmyadmin, the system profile breakage is
going to take priority as it impacts every SPARC user's ability to use
and/or install Gentoo on Linux/SPARC. However, phpmyadmin impacts a much
smaller segment of the Gentoo Linux/SPARC user base, so its not as much of
a problem.
Obviously some of this is going to be relative. If the security issue was
a remote unauthorized DoS, buffer overflow resulting in a root shell
particularly in the system profile packages, then it would probably take
priority over the latest request to stabilize or add testing keywords to
random package maintainer's package.
That being said, Gentoo Linux/SPARC normally does try to handle Security
issues before others if the others aren't critical.
Cheers,
- --
Jason Wever
Gentoo/Sparc Team Co-Lead
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
iD8DBQFFR3IBdKvgdVioq28RArMdAJ49AsBl3DjtA5n22atL7FpY0jYwVACeLeV7
PPBLoaGVvBRWQRh3Qnn1VLs=
=BAvM
-----END PGP SIGNATURE-----
--
gentoo-dev@gentoo.org mailing list
