Option 1. I propose that we take security seriously, no security patches are
to be rejected prior to review, that we review and analyse them properly based
on merit. That discussions about security issues be taken seriously.
Option 2. Alternatively I resign my River committer status
Please
Please, please cancel this.
We do need to have a serious discussion of River future direction. I
expect that discussion to take a lot longer than a week, and hope it
will involve as many users and potential users of River as possible. For
example, we may need to canvas other project mailing
+1
-Jim
On Jan 06, 2016, at 10:13 AM, Patricia Shanahan wrote:
Please, please cancel this.
We do need to have a serious discussion of River future direction. I
expect that discussion to take a lot longer than a week, and hope it
will involve as many users and potential users of
On 06-01-16 18:49, Simon IJskes - QCG wrote:
On 06-01-16 13:38, Peter wrote:
Your security analysis is too narrow, your thinking like a user, not
an attacker.
An attacker is not going to send you a proxy to load into a standalone
Classloader. She has the choice of the entire classpath, not
On 06-01-16 13:38, Peter wrote:
Your security analysis is too narrow, your thinking like a user, not an
attacker.
An attacker is not going to send you a proxy to load into a standalone
Classloader. She has the choice of the entire classpath, not you and not
River, that's right it's the
Hi Jim:
Good to see you back here!
Cheers,
Greg Trasuk
> On Jan 6, 2016, at 10:31 AM, James Hurley wrote:
>
> +1
>
> -Jim
>
> On Jan 06, 2016, at 10:13 AM, Patricia Shanahan wrote:
>> Please, please cancel this.
>>
>> We do need to have a serious
Peter,
I think that there might be a consensus for publishing 3.0 and then
considering security patches against it.
Bryan
Bryan Thompson
Chief Scientist & Founder
SYSTAP, LLC
4501 Tower Road
Greensboro, NC 27410
br...@systap.com
http://blazegraph.com
http://blog.blazegraph.com
Blazegraph™
Vote withdrawn.
Peter.
Sent from my Samsung device.
Include original message
Original message
From: Patricia Shanahan
Sent: 07/01/2016 01:13:23 am
To: dev@river.apache.org
Subject: Re: VOTE: Take Security seriously or my resignation.
Please, please cancel this.
We