reviving Fedora Legacy
Josh Boyer
jwboyer at gmail.com
Wed Oct 15 12:45:49 UTC 2008
On Wed, Oct 15, 2008 at 02:19:09PM +0200, Ralf Corsepius wrote:
>On Wed, 2008-10-15 at 07:33 -0400, Josh Boyer wrote:
>> On Wed, Oct 15, 2008 at 09:42:28AM +0200, Patrice Dumas wrote:
>> >On Wed, Oct 15, 2008 at 08:36:05AM +0100, David Woodhouse wrote:
>> >>
>> >> If we present the _appearance_ of a distro with security updates, while
>> >> in fact there are serious security issues being unfixed, then that is
>> >> _much_ worse than the current "That distro is EOL. Upgrade before you
>> >> get hacked" messaging.
>> >
>> >The aim here is not to present the _appearance_ of a distro with
>> >security updates but give the choice to the user either to upgrade or to
>> >stick with a distro where some packages will not be maintained.
>> >Something along "That distro is EOL. Upgrade before you get hacked.
>> >Alternatively, and at your own risk, you can enable a repository where
>> >some packages are updated on a volunteer basis, but some packages aren't
>> >maintained anymore."
>> >
>> >With a page listing which packages are still supported.
>>
>> The issue you will have is that people will not be comfortable opening the
>> ACLs for things like the kernel or glibc or gcc.
>And their rationale being what?
See my other reply.
>Them preferring leaving users exposed to vulnerabilities?
Obviously not, since the newer distros are maintained.
>Or is their rationale of personal nature?
Well, since we're all just talking theoreticals I don't see how anything
can be of a personal nature yet.
josh
More information about the fedora-devel-list
mailing list