
Re: Packaging guidelines: IPv6



On Wed, 2006-07-05 at 15:50 +0200, Arjan van de Ven wrote:
> > Further: A basic security check would mean that each packager and the
> > reviewer must understand and know the programming language the software
> > he packages is written in.
> 
> actually only a reviewer.... 
> well depends on what you want; a general "this looks sane enough" is
> different from a detailed audit.
It's even worse: All FE currently has is an "initial this looks sane
enough" review. Once a package is in FE, there actually is no QA or
audit on packages at all. Nobody but the package owner is allowed to
change packages. If he doesn't want to listen, nothing will happen;
maintainers have all kinds of freedom to commit all kinds of stupidities
they want.

> > It seems to me that a lot of people often forget that. But does that
> > mean that I (and all the other non-programmers) should stop contributing
> > to Extras?
> 
> absolutely not!
As I've just said in another posting: We need teams of competent people
to deal with dedicated tasks. Security/code auditing would be one
example of such a task.

Ralf


