new features in package CVS
Jason L Tibbitts III
tibbs at math.uh.edu
Wed Jan 31 00:43:36 UTC 2007
>>>>> "TL" == Tom Lane <tgl at redhat.com> writes:
TL> OK, but then the default for existing packages is to be wide open
TL> :-(.
Yes, thankfully. Otherwise we would have a massive change in behavior
overnight.
TL> Or are you auto-creating empty pkg.acl file for all existing
TL> packages, as well as new imports?
Hopefully not.
TL> I hope the answer is yes, so we don't all have to scramble to
TL> close up our packages.
Why on earth would you want to? We've not had any access control for
all this time (and with amazingly good results, I might add), and all
of a sudden you'd have to scramble to close things down? If you do
nothing to impose ACLs on your packages, no behavior will change.
You'll not somehow be less secure.
The one concern I have is the ability of package maintainers to lock
out too many people, such as the security team or those of us who just
go through and fix problems in packages.
- J<
More information about the Fedora-maintainers
mailing list