no mandatory QA testing at all [Re: crazy thought about how to ease QA testing]
Jesse Keating
jkeating at j2solutions.net
Tue Feb 14 15:08:57 UTC 2006
On Tue, 2006-02-14 at 08:49 -0600, Eric Rostetter wrote:
>
> What we're proposing basically is a system in which someone can purposefully
> place a trojan horse or backdoor on all Fedora Legacy systems without any
> one checking for it ahead of time. You call that security? Putting all your
> eggs in your trust in one person rather than multiple people? That isn't
> security...
>
If I'm not mistaken, the timeout period starts when there is a package
for updates testing. We can't get to the updates testing package phase
w/out somebody doing the first level QA which includes making sure the
patch uses is a known good patch from at least some other vendor. So
the plot to root all Legacy systems is going to have to start further up
the food chain.
--
Jesse Keating RHCE (geek.j2solutions.net)
Fedora Legacy Team (www.fedoralegacy.org)
GPG Public Key (geek.j2solutions.net/jkeating.j2solutions.pub)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-legacy-list/attachments/20060214/c0072f36/attachment.sig>
More information about the fedora-legacy-list
mailing list