Re: Ports Secteam
As I've been unable to contribute to this team or to ports much lately I hereby request that I be removed from this team. I'd rather someone else who is more actively engaged take my spot. -- WXS > On Jun 8, 2015, at 7:31 PM, Xin Li wrote: > > Signed PGP part > On 06/08/15 14:37, Robert Simmons wrote: > > I'm sure that the reason these questions have not been answered is > > simply because they may have gotten lost in the volume of traffic > > on freebsd-ports. In the following thread, there are a number of > > folks with enough passion to volunteer time to help with the Ports > > Secteam, but we're having difficulty getting a few basic questions > > answered. > > https://lists.freebsd.org/pipermail/freebsd-ports/2015-May/099268.html > > > > Here are the basic questions: > > > > Who are the members of the Ports Secteam? > > Current members include the current security officers (who act as a > fallback when needed and a contact for liaison for sensitive and > embargoed information) and: > > Eitan Adler (eadler@); > Jason Helfman (jgh@); > Martin Wilke (miwi@); > Eygene Ryabinkin (rea@); > Sofian Brabez (sbz@); > Simon L. B. Nielsen (simon@, clusteradm@ liaison); > Steve Wills (swills@); > Wesley Shields (wxs@); > Ryan Steinmetz (zi@); > > > How does one join the Ports Secteam? > > Per previous discussion with portmgr@, members are volunteers selected > by the Security Officer from active ports committers who have made > commits in the ports tree in the last 90 days. > > Cheers, > -- > Xin LI https://www.delphij.net/ > FreeBSD - The Power to Serve! Live free or die > > ___ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org" signature.asc Description: Message signed with OpenPGP using GPGMail
Re: Ports Secteam
On 9 June 2015 at 22:30, Mark Felder wrote: > > How do we make the ports-secteam effective again? Team members? > Infrastructure? New documentation and procedures? ports-secteam's scope has grown since it was created. The team needs new, active, members to be able to deal with the VuXML and quarterly branch portion of its work. We also need to creating tooling to make this easier: for instance it would be really awesome to automatically create VuXML entries from CVE/CPE data. > However, I'm not sure > "number of commits" is necessarily a valuable metric when considering > candidates... I agree. I *am* active as a ports-security member: I monitor relevent open & closed security lists for concerns that may affect FreeBSD. In addition I watch pkgng development for new security concerns. That said, I havn't committed to the ports tree very much lately. -- Eitan Adler ___ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
Re: Ports Secteam
On Mon, Jun 8, 2015, at 18:31, Xin Li wrote: > > On 06/08/15 14:37, Robert Simmons wrote: > > I'm sure that the reason these questions have not been answered is > > simply because they may have gotten lost in the volume of traffic > > on freebsd-ports. In the following thread, there are a number of > > folks with enough passion to volunteer time to help with the Ports > > Secteam, but we're having difficulty getting a few basic questions > > answered. > > https://lists.freebsd.org/pipermail/freebsd-ports/2015-May/099268.html > > > > Here are the basic questions: > > > > Who are the members of the Ports Secteam? > > Current members include the current security officers (who act as a > fallback when needed and a contact for liaison for sensitive and > embargoed information) and: > > Eitan Adler (eadler@); > Jason Helfman (jgh@); > Martin Wilke (miwi@); > Eygene Ryabinkin (rea@); > Sofian Brabez (sbz@); > Simon L. B. Nielsen (simon@, clusteradm@ liaison); > Steve Wills (swills@); > Wesley Shields (wxs@); > Ryan Steinmetz (zi@); > > > How does one join the Ports Secteam? > > Per previous discussion with portmgr@, members are volunteers selected > by the Security Officer from active ports committers who have made > commits in the ports tree in the last 90 days. > miwi stepped down 7 months ago. His name on this list is a huge red flag that there is a lack of care and feeding for this team. As long as my script isn't broken, here are the number of commits from March 1st through June 1st by each committer in that list: eadler:6 jgh: 49 miwi:0 rea:5 sbz: 2 simon:0 swills: 117 wxs:1 zi: 64 There's an obvious lack of activity in that list and I would expect participation in ports-secteam duties to be closely monitored and have members rotated out if they take time away. My participation in the ports tree has been rather sporadic lately, but the script I used indicates I've 85 commits in that time period. However, I'm not sure "number of commits" is necessarily a valuable metric when considering candidates... How do we make the ports-secteam effective again? Team members? Infrastructure? New documentation and procedures? ___ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
Re: Ports Secteam
Hi, > > On June 9, 2015 at 1:59 AM Robert Simmons wrote: > > > On Mon, Jun 8, 2015 at 7:31 PM, Xin Li wrote: > > On 06/08/15 14:37, Robert Simmons wrote: > >> I'm sure that the reason these questions have not been answered is > >> simply because they may have gotten lost in the volume of traffic > >> on freebsd-ports. In the following thread, there are a number of > >> folks with enough passion to volunteer time to help with the Ports > >> Secteam, but we're having difficulty getting a few basic questions > >> answered. > >> https://lists.freebsd.org/pipermail/freebsd-ports/2015-May/099268.html > >> > >> Here are the basic questions: > >> > >> Who are the members of the Ports Secteam? > > > > Current members include the current security officers (who act as a > > fallback when needed and a contact for liaison for sensitive and > > embargoed information) and: > > > > Eitan Adler (eadler@); > > Jason Helfman (jgh@); > > Martin Wilke (miwi@); > > Eygene Ryabinkin (rea@); > > Sofian Brabez (sbz@); > > Simon L. B. Nielsen (simon@, clusteradm@ liaison); > > Steve Wills (swills@); > > Wesley Shields (wxs@); > > Ryan Steinmetz (zi@); > > > >> How does one join the Ports Secteam? > > > > Per previous discussion with portmgr@, members are volunteers selected > > by the Security Officer from active ports committers who have made > > commits in the ports tree in the last 90 days. > > Excellent. Thanks for the quick reply! > > So, if membership requires committership, what is the next best way to > help the team? > ___ > I think that actively sending patches would help in getting in information sooner. A PR with the patch would greatly assist in that. Cheers Remko ___ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
Re: Ports Secteam
On Mon, Jun 8, 2015 at 7:31 PM, Xin Li wrote: > On 06/08/15 14:37, Robert Simmons wrote: >> I'm sure that the reason these questions have not been answered is >> simply because they may have gotten lost in the volume of traffic >> on freebsd-ports. In the following thread, there are a number of >> folks with enough passion to volunteer time to help with the Ports >> Secteam, but we're having difficulty getting a few basic questions >> answered. >> https://lists.freebsd.org/pipermail/freebsd-ports/2015-May/099268.html >> >> Here are the basic questions: >> >> Who are the members of the Ports Secteam? > > Current members include the current security officers (who act as a > fallback when needed and a contact for liaison for sensitive and > embargoed information) and: > > Eitan Adler (eadler@); > Jason Helfman (jgh@); > Martin Wilke (miwi@); > Eygene Ryabinkin (rea@); > Sofian Brabez (sbz@); > Simon L. B. Nielsen (simon@, clusteradm@ liaison); > Steve Wills (swills@); > Wesley Shields (wxs@); > Ryan Steinmetz (zi@); > >> How does one join the Ports Secteam? > > Per previous discussion with portmgr@, members are volunteers selected > by the Security Officer from active ports committers who have made > commits in the ports tree in the last 90 days. Excellent. Thanks for the quick reply! So, if membership requires committership, what is the next best way to help the team? ___ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
Re: Ports Secteam
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 On 06/08/15 14:37, Robert Simmons wrote: > I'm sure that the reason these questions have not been answered is > simply because they may have gotten lost in the volume of traffic > on freebsd-ports. In the following thread, there are a number of > folks with enough passion to volunteer time to help with the Ports > Secteam, but we're having difficulty getting a few basic questions > answered. > https://lists.freebsd.org/pipermail/freebsd-ports/2015-May/099268.html > > Here are the basic questions: > > Who are the members of the Ports Secteam? Current members include the current security officers (who act as a fallback when needed and a contact for liaison for sensitive and embargoed information) and: Eitan Adler (eadler@); Jason Helfman (jgh@); Martin Wilke (miwi@); Eygene Ryabinkin (rea@); Sofian Brabez (sbz@); Simon L. B. Nielsen (simon@, clusteradm@ liaison); Steve Wills (swills@); Wesley Shields (wxs@); Ryan Steinmetz (zi@); > How does one join the Ports Secteam? Per previous discussion with portmgr@, members are volunteers selected by the Security Officer from active ports committers who have made commits in the ports tree in the last 90 days. Cheers, - -- Xin LI https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -BEGIN PGP SIGNATURE- Version: GnuPG v2.1.4 (FreeBSD) iQIcBAEBCgAGBQJVdiXKAAoJEJW2GBstM+ns+rUP/iZoF77HjxrJTYabcPrgduDs ijWGw6NyvYR47r26jzss3HNdZ4qw9gPxtn3CroCBxQdOIUXaFbkYw3RAFhXvCIMV jBQRFkZmzupC/w9viorT1UEqiFCUa6Bd3qyE5kXRgM18EpXz3xWe3+bQW8OMvJ3h gaoXnbp5beZfxojGj5Ig4lJebBDsu9HB+cekoHECmdmdB11MsC/aGsQmbey95Kg3 Y7ERHENz1f/ZFbJaCurBCVVeB+07Nu/qNMFX6SqCHV177DvuzFM2oBaO1d552y8m /LldCGTC9TCUsloMZifncSgIs8DB6Aq9eDcDyT5mOUGqVkfJb0Y22F9RGG6dQcEY TEHRvHk7L+Huxsvq7YQK3kIC4ywDv/wpBIDsSK8devHXKWCxif+io+aYERad1cY1 LCFwWZGJ4ooxpZyV1GPKh+pX8YGFfMksFxeghUhJcFVdApX4PZRQGjeLOj8CYY8H 8un1qdFPStJz/zbTnF2JPsXi1x3/eeJLAdRtW4j3w2Hz9XwOTDcxpUZpwyO2bDZN Bl89+ee2OtjDCLG7y9Jgz7PZQG37sZMshV8dJqL/o2uILVwcB02rM4jme/e3Pg7B AeRZ4OqPZZoZhKS8y1AOGBSBmm6trLJzSKKvy+eboLVU8oIaozBEawqwZqeuXM2C iln7HRIgZ4/woDAjg4Tc =1ULw -END PGP SIGNATURE- ___ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
Ports Secteam
I'm sure that the reason these questions have not been answered is simply because they may have gotten lost in the volume of traffic on freebsd-ports. In the following thread, there are a number of folks with enough passion to volunteer time to help with the Ports Secteam, but we're having difficulty getting a few basic questions answered. https://lists.freebsd.org/pipermail/freebsd-ports/2015-May/099268.html Here are the basic questions: Who are the members of the Ports Secteam? How does one join the Ports Secteam? ___ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
