RE: VOTE: Take Security seriously or my resignation.

2016-01-06 Thread Bishnu Gautam
I support having a thoughtful discussion regarding River future direction proposed by Patricia. Bishnu Prasad Gautam > Subject: Re: VOTE: Take Security seriously or my resignation. > To: dev@river.apache.org > From: p...@acm.org > Date: Wed, 6 Jan 2016 07:13:23 -0800 > > Please, please cancel

Re: Cancelled. Re: VOTE: Take Security seriously or my resignation.

2016-01-06 Thread Patricia Shanahan
Thanks! On 1/6/2016 12:54 PM, Peter wrote: Vote withdrawn. Peter. Sent from my Samsung device. Include original message Original message From: Patricia Shanahan Sent: 07/01/2016 01:13:23 am To: dev@river.apache.org Subject: Re: VOTE: Take Security seriously or my resignation. P

Cancelled. Re: VOTE: Take Security seriously or my resignation.

2016-01-06 Thread Peter
Vote withdrawn. Peter. Sent from my Samsung device. Include original message Original message From: Patricia Shanahan Sent: 07/01/2016 01:13:23 am To: dev@river.apache.org Subject: Re: VOTE: Take Security seriously or my resignation. Please, please cancel this. We do need to hav

Re: Release 3.0, package rename and ServiceProxyAccessor

2016-01-06 Thread Simon IJskes - QCG
On 06-01-16 18:49, Simon IJskes - QCG wrote: On 06-01-16 13:38, Peter wrote: Your security analysis is too narrow, you're thinking like a user, not an attacker. An attacker is not going to send you a proxy to load into a standalone Classloader. She has the choice of the entire classpath, not you

Re: Release 3.0, package rename and ServiceProxyAccessor

2016-01-06 Thread Simon IJskes - QCG
On 06-01-16 13:38, Peter wrote: Your security analysis is too narrow, you're thinking like a user, not an attacker. An attacker is not going to send you a proxy to load into a standalone Classloader. She has the choice of the entire classpath, not you and not River, that's right it's the sende

Re: VOTE: Take Security seriously or my resignation.

2016-01-06 Thread Bryan Thompson
Peter, I think that there might be a consensus for publishing 3.0 and then considering security patches against it. Bryan Bryan Thompson Chief Scientist & Founder SYSTAP, LLC 4501 Tower Road Greensboro, NC 27410 br...@systap.com http://blazegraph.com http://blog.blazegraph.com Blazegraph™

Re: VOTE: Take Security seriously or my resignation.

2016-01-06 Thread Greg Trasuk
Hi Jim: Good to see you back here! Cheers, Greg Trasuk > On Jan 6, 2016, at 10:31 AM, James Hurley wrote: > > +1 > > -Jim > > On Jan 06, 2016, at 10:13 AM, Patricia Shanahan wrote: >> Please, please cancel this. >> >> We do need to have a serious discussion of River future direction. I >>

Re: VOTE: Take Security seriously or my resignation.

2016-01-06 Thread James Hurley
+1 -Jim On Jan 06, 2016, at 10:13 AM, Patricia Shanahan wrote: Please, please cancel this. We do need to have a serious discussion of River future direction. I expect that discussion to take a lot longer than a week, and hope it will involve as many users and potential users of River as possib

Re: VOTE: Take Security seriously or my resignation.

2016-01-06 Thread Patricia Shanahan
Please, please cancel this. We do need to have a serious discussion of River future direction. I expect that discussion to take a lot longer than a week, and hope it will involve as many users and potential users of River as possible. For example, we may need to canvass other project mailing lists

Re: Release 3.0, package rename and ServiceProxyAccessor

2016-01-06 Thread Peter
Your security analysis is too narrow, you're thinking like a user, not an attacker. An attacker is not going to send you a proxy to load into a standalone Classloader. She has the choice of the entire classpath, not you and not River, that's right it's the sender's choice, not the receiver's. She

VOTE: Take Security seriously or my resignation.

2016-01-06 Thread Peter Firmstone
Option 1. I propose that we take security seriously, no security patches are to be rejected prior to review, that we review and analyse them properly based on merit. That discussions about security issues be taken seriously. Option 2. Alternatively I resign my River committer status. Please ca