What Fedora makes sucking for me - or why I am NOT Fedora
Les Mikesell
lesmikesell at gmail.com
Fri Dec 12 04:47:55 UTC 2008
Kevin Kofler wrote:
> Les Mikesell wrote:
>> For my example of the late FC6 update, the machine didn't boot. I'd say
>> that's clearly a 'known broken' state at that point. But not much
>> more than that is clear. Why does that have to happen to more than one
>> machine?
>
> Because if we block/unpush/whatever updates based on a single report of
> brokenness, all Joe Evil Cracker needs to do to break into your machine is
> to wait for a security issue in OpenSSH or some other security-critical
> software, report the security update as "broken" and then exploit the hole.
> There would also be other kinds of vandals or jokesters who'd incorrectly
> report updates as "broken" just for fun.
What does it take then, if you don't believe reports? It wasn't
something you had to guess about. Any machine with certain types of
SCSI controllers would have exhibited the problem. Could you establish
a list of trusted reporters with an assortment of hardware where you
could bounce requests to reproduce problems to make them believable?
--
Les Mikesell
lesmikesell at gmail.com