| 1 |
On Saturday 24 June 2006 18:54, Edward Catmur wrote: |
| 2 |
> * Security (from malicious contributors): Glad to see layman will only |
| 3 |
> track the reviewed/ tree; still, anyone who checks out the sunrise/ tree |
| 4 |
> (and has it in PORTDIR_OVERLAY) is vulnerable. |
| 5 |
> |
| 6 |
> - Remove from the examples any suggestion that one should check out the |
| 7 |
> whole tree when contributing. Point out that one should not svn up |
| 8 |
> sunrise/ as part of updating Portage. |
| 9 |
|
| 10 |
valid point i think |
| 11 |
|
| 12 |
ive never admined svn repos before, but would it be possible to shut off anon |
| 13 |
access to the non-reviewed tree ? i think that would cover this issue as |
| 14 |
people who get bit by bugs in the non-reviewed tree would (and should) be |
| 15 |
able to just go in and fix it themselves :) |
| 16 |
|
| 17 |
> * Conflicts between contributors (social): Alice adds an ebuild; Bob |
| 18 |
> makes a (maybe "obvious") change; Alice thinks the change is incorrect, |
| 19 |
> and, feeling that the ebuild is her property, reverts the change. A |
| 20 |
> revert war erupts. Many casualties. |
| 21 |
> |
| 22 |
> - Create a social structure to enable Alice and Bob to communicate and |
| 23 |
> resolve their differences of opinion. Forums? Wiki? IRC? Bugzilla? I |
| 24 |
> would argue there should be One True location for this to occur; /not/ |
| 25 |
> bugzilla (bugspam); /not/ IRC (impermanence). |
| 26 |
|
| 27 |
revert wars are retarded on the base level. if people are unable to solve |
| 28 |
issues via communication channels, i'd say just toss the people involved and |
| 29 |
the material in question. |
| 30 |
-mike |
Archives