no mandatory QA testing at all [Re: crazy thought about how to ease QA testing]
Eric Rostetter
rostetter at mail.utexas.edu
Tue Feb 14 14:49:12 UTC 2006
Quoting Benjamin Smith <ben at schoolpathways.com>:
> I'd rather err on the side of security.
>
> -Ben
Then you would insist on a real QA test suite, one that also tested the
security of the test. You would be against pushing untested updates.
I think you would rather err on the side of timelyness rather than security...
What we're proposing basically is a system in which someone can purposefully
place a trojan horse or backdoor on all Fedora Legacy systems without any
one checking for it ahead of time. You call that security? Putting all your
eggs in your trust in one person rather than multiple people? That isn't
security...
I'm staying out of the argument for or against this proposal, as my fews
should be well known from the last dozen times this has come up, and I'm
tired of fighting for this. I can always just upgrade my machines to
Centos should Fedora Legacy lose its security.
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Go Longhorns!
More information about the fedora-legacy-list
mailing list