1 |
On Tue, 2006-06-13 at 11:10 -0500, Grant Goodyear wrote: |
2 |
> Over the years we've had a fairly consistent stream of suggestions that |
3 |
> we should open up the e-build maintaining process to users instead of |
4 |
> just devs. The main arguments against it are the security issues and an |
5 |
> expectation that it would add to developer workloads. The former is |
6 |
> certainly a real problem, although signing (assuming a reasonable |
7 |
> web-of-trust) could mitigate that some (at least we'd know who to |
8 |
> blame). The latter, however, is conjecture, and the only good way to |
9 |
> verify it would be to actually try it and see what happens. Oh, and |
10 |
> there's also a very real fear that if things go horribly wrong, that |
11 |
> Gentoo's reputation would suffer quite badly. Perhaps I'm naive, but I |
12 |
> tend to think that if we were to advertise project sunrise as |
13 |
> experimental, temporary, use-at-your-own-risk, and |
14 |
> might-break-your-system, and even put it on hardware without a |
15 |
> gentoo.org address and add a portage hook that warns whenever the |
16 |
> project sunrise overlay is used, then our reputation isn't really likely |
17 |
> to suffer even if it's a complete disaster. |
18 |
> |
19 |
> So, Chris, what have I failed to address that would make this a really |
20 |
> bad idea? |
21 |
|
22 |
Honestly, I'm not feeling the urge to retype everything I put into my |
23 |
last email again, just because someone else asked it. |
24 |
|
25 |
This has come up time and time again, and every time it gets shot down |
26 |
for lots of reasons. Why is it suddenly a good idea now, when it has |
27 |
always been a bad idea before? Is it just that now we have a lot of |
28 |
developers who are willing to allow users to break their boxes? |
29 |
|
30 |
-- |
31 |
Chris Gianelloni |
32 |
Release Engineering - Strategic Lead |
33 |
x86 Architecture Team |
34 |
Games - Developer |
35 |
Gentoo Linux |