1 |
Over the years we've had a fairly consistent stream of suggestions that |
2 |
we should open up the e-build maintaining process to users instead of |
3 |
just devs. The main arguments against it are the security issues and an |
4 |
expectation that it would add to developer workloads. The former is |
5 |
certainly a real problem, although signing (assuming a reasonable |
6 |
web-of-trust) could mitigate that some (at least we'd know who to |
7 |
blame). The latter, however, is conjecture, and the only good way to |
8 |
verify it would be to actually try it and see what happens. Oh, and |
9 |
there's also a very real fear that if things go horribly wrong, that |
10 |
Gentoo's reputation would suffer quite badly. Perhaps I'm naive, but I |
11 |
tend to think that if we were to advertise project sunrise as |
12 |
experimental, temporary, use-at-your-own-risk, and |
13 |
might-break-your-system, and even put it on hardware without a |
14 |
gentoo.org address and add a portage hook that warns whenever the |
15 |
project sunrise overlay is used, then our reputation isn't really likely |
16 |
to suffer even if it's a complete disaster. |
17 |
|
18 |
So, Chris, what have I failed to address that would make this a really |
19 |
bad idea? |
20 |
|
21 |
-g2boojum- |
22 |
-- |
23 |
Grant Goodyear |
24 |
Gentoo Developer |
25 |
g2boojum@g.o |
26 |
http://www.gentoo.org/~g2boojum |
27 |
GPG Fingerprint: D706 9802 1663 DEF5 81B0 9573 A6DC 7152 E0F6 5B76 |