Re: Bits from the ftpmasters
[Matthew Palmer] > Do you believe that the ftpmaster team might be amenable to either of > the proposals mooted recently, such as multiple people certifying > that the package is OK (like "advocates for packages"), or a > collection of clueful DDs doing these sanity checks on NEW packages? The crypto export thing is a potential problem, but it seems to me that it has a pretty straightforward solution: host the NEW queue on a machine outside the US. Then it may as well be anon-HTTP-accessible as far as the US government would care. (Of course, there may be other reasons not to take the NEW queue public, like the possibility that something with a non-free license, which doesn't permit that sort of distribution at all, gets that far.) signature.asc Description: Digital signature
Re: Bits from the ftpmasters
On Tue, Feb 22, 2005 at 05:16:39PM +1000, Anthony Towns wrote: > Matthew Palmer wrote: > >AFAIK, we don't notify for every new piece of software in the archive, just > >those which would fall foul of the export restrictions. > > That's mistaken -- we automatically notify for all NEW packages, so that > we don't have to examine every upload of every package in order to send > a notification when crypto is added to an already existing package. > Basically our notifications say "this package may contain crypto, now or > at some future date". OK, thanks for the correction. I was a bit curious as to how we handled crypto notifications after the initial upload... > NEW processing for new binary packages is manual so that the name choice > can be reviewed, and for general sanity checking purposes. It might be > nice to do some sanity checking for changes to the copyright file in > packages that aren't NEW too, but that's not really feasible at the > moment, and "new binary package" is a fairly good indicator of > significant changes that warrant double checking, anyway. Do you believe that the ftpmaster team might be amenable to either of the proposals mooted recently, such as multiple people certifying that the package is OK (like "advocates for packages"), or a collection of clueful DDs doing these sanity checks on NEW packages? - Matt signature.asc Description: Digital signature
Re: Bits from the ftpmasters
Matthew Palmer wrote: AFAIK, we don't notify for every new piece of software in the archive, just those which would fall foul of the export restrictions. That's mistaken -- we automatically notify for all NEW packages, so that we don't have to examine every upload of every package in order to send a notification when crypto is added to an already existing package. Basically our notifications say "this package may contain crypto, now or at some future date". NEW processing for new binary packages is manual so that the name choice can be reviewed, and for general sanity checking purposes. It might be nice to do some sanity checking for changes to the copyright file in packages that aren't NEW too, but that's not really feasible at the moment, and "new binary package" is a fairly good indicator of significant changes that warrant double checking, anyway. Cheers, aj -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Bits from the ftpmasters
Goswin von Brederlow wrote: You need access to the NEW queue. But if I'm not misinformed any DD can get to the mirror on merkel? Packages may not be downloaded from the NEW queue due to US crypto regulations (and Debian's approach to fulfilling the resulting requirements); however if your package doesn't contain crypto code, you can put it on people.debian.org or some other website for other people to download/review while it's in the NEW queue. Developer access to the queue is limited by permissions to viewing .changes files and running ls -l; ftpmaster access is limited by policy to checking the correctness of the package with various tools. General access is only trivially more limited than developer access (and is much prettier). See http://ftp-master.debian.org/new.html Cheers, aj -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Bits from the ftpmasters
On Mon, Feb 21, 2005 at 12:55:39PM +0100, Goswin von Brederlow wrote: > Joel Aelwyn <[EMAIL PROTECTED]> writes: > > > On Sun, Feb 20, 2005 at 09:06:36PM +0100, Goswin von Brederlow wrote: > >> - uploads to NEW need an advocate in addition to the normal signature > >>... > > Hmmm. Seems like it could work, but might still have the issue that finding > > two maintainers who think something is good is not vastly more difficult > > than finding one; also, many packages are already co-maintained, would you > > allow co-maints to both sign it? I believe it *is* possible to get multiple > > signatures with GnuPG (the same way you can encrypt something to multiple > > keys), but I'd have to go dig through the docs to figure out how to do it. > > When talking about a more automated NEW queue people said that > ftp-master checks package names and splits for sensibility and rejects > quite a few of those because they are silly. Having 2 people think > about it should reduce that somewhat (not as much as a NEW team though). > > It's a simple 4 eyes see more than 2 solution. So co-maintained both > signig should be ok, it's still 4 eyes, 2 brains, half an IQ :) Indeed; I think co-maint is good for precisely this reason (as well as not having a single point of failure if a DD goes on vacation or has life events nail them). I just don't know that it would be sufficient to really be much of a filter on the NEW queue (though if the experience of the ftpmaster team is that a huge number of the packages that take more than $small_time to deal with are things that would probably be caught by a second set of eyes, hey, great). It's also not exclusive to the other proposal, conveniently. :) > >> - a NEW team > >>... > >... > > 3) Doesn't (as far as I can see offhand) require access to sensitive > > accounts, key signatures, or software. Thus, someone who processes NEW as > > a "generate recommendations for ftpmaster" can do the job without needing > > much, if any, in the way of privileged access (possibly some issues with > > crypto, but those should be easily resolveable). > > You need access to the NEW queue. But if I'm not misinformed any DD > can get to the mirror on merkel? > > If not, an inofficial NEW queue could be setup by someone, uploads to > there could be judged and then put into the real queue with a > recommendation mail. Whether or not ftp-master would find that usefull > or not is another question (and they have to answere that). As noted, I don't *think* this requires any privileged access, but not having done it, I can't say for certain. It seems highly likely that A) it requires less than full-bore ftpmaster, and B) if it requires privs of some sort, they could probably be granted separately from the rest, thus allowing a lower bar to entry than needing to be proven capable of handling "Not only could you upload trojans to $BIGNUM Debian user installations, but you could utterly break the entire distribution, or subtly compromise the archive and eradicate most of your tracks". Reducing the required trust for a position (so long as that doesn't cripple those doing the position, of course!) is generally a good thing... > >... > > > > Not that I expect, given how this and past conversations have gone, that > > they'd particularly want to deal with me, but if a NEW processing group is > > considered worthwhile, consider me volunteered to put in the time. Maybe > > the work is suitable revenge for having to read or delete so many of my > > emails. > > Maybe you could make contact with ftp-master and ask their opinion. I > doubt they would want a non DD running the show. I could, and if I had any indication it wouldn't just annoy folks, at this point, I would. I suspect a third party who hasn't aggravated at least one of them within the past couple of days might have better luck, though... nor is it the first time I've annoyed someone involved. Whether you think it was worth it or not, it means that I may not be the best representative for trying to convince people to make a change that *will* cost them at least the time of reviewing the proposal. I have some hope that the various folks who have a better rapport will be able to bring it up as a useful discussion, probably in private given the current situation. But it seemed rude to say "Yeah, great idea!" and not at least offer to put my time where my mouth is. -- Joel Aelwyn <[EMAIL PROTECTED]> ,''`. : :' : `. `' `- signature.asc Description: Digital signature
Re: Bits from the ftpmasters
Joel Aelwyn <[EMAIL PROTECTED]> writes: > On Sun, Feb 20, 2005 at 09:06:36PM +0100, Goswin von Brederlow wrote: >> - uploads to NEW need an advocate in addition to the normal signature >>... > Hmmm. Seems like it could work, but might still have the issue that finding > two maintainers who think something is good is not vastly more difficult > than finding one; also, many packages are already co-maintained, would you > allow co-maints to both sign it? I believe it *is* possible to get multiple > signatures with GnuPG (the same way you can encrypt something to multiple > keys), but I'd have to go dig through the docs to figure out how to do it. When talking about a more automated NEW queue people said that ftp-master checks package names and splits for sensibility and rejects quite a few of those because they are silly. Having 2 people think about it should reduce that somewhat (not as much as a NEW team though). It's a simple 4 eyes see more than 2 solution. So co-maintained both signig should be ok, it's still 4 eyes, 2 brains, half an IQ :) >> - a NEW team >>... >... > 3) Doesn't (as far as I can see offhand) require access to sensitive > accounts, key signatures, or software. Thus, someone who processes NEW as > a "generate recommendations for ftpmaster" can do the job without needing > much, if any, in the way of privileged access (possibly some issues with > crypto, but those should be easily resolveable). You need access to the NEW queue. But if I'm not misinformed any DD can get to the mirror on merkel? If not, an inofficial NEW queue could be setup by someone, uploads to there could be judged and then put into the real queue with a recommendation mail. Whether or not ftp-master would find that usefull or not is another question (and they have to answere that). >... > > Not that I expect, given how this and past conversations have gone, that > they'd particularly want to deal with me, but if a NEW processing group is > considered worthwhile, consider me volunteered to put in the time. Maybe > the work is suitable revenge for having to read or delete so many of my > emails. Maybe you could make contact with ftp-master and ask their opinion. I doubt they would want a non DD running the show. MfG Goswin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Bits from the ftpmasters
Pierre Habouzit wrote: > > Because there's no guarantee (or even real likelihood) that the two > > developers whose signatures appear on the package have sufficient > > Clue to be able to produce quality packages. Pair programming only > > works when both people are switched on and taking note of their > > surroundings. The ftpmasters are, in general, senior and clueful > > DDs, with a good knowledge of the likely high and low points of a > > package. > > you're right. though, I think there is even young DD (or even > maintainers) that are quite good too ;) You always have exeptions to the rules. Regards, Joey -- A mathematician is a machine for converting coffee into theorems. Paul Erdös -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Bits from the ftpmasters
Pierre Habouzit wrote: > Le Lun 21 Février 2005 00:16, Matthew Palmer a écrit : > > NEW would still have to be processed by hand, though -- crypto > > notifications still need to be sent, and the protection provided by > > two crap developers working on a package isn't not that much better > > than one crap developer working on a package. Add to that an override disparity when the maintainer considers other sections and priority useful for the package than the ftpmasters. Regards, Joey -- A mathematician is a machine for converting coffee into theorems. Paul Erdös -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
