Gentoo Archives: gentoo-council

From: Roy Marples <uberlord@g.o>
To: Donnie Berkholz <dberkholz@g.o>
Cc: gentoo-council@l.g.o
Subject: Re: [gentoo-council] Council meeting summary for 8 November 2007
Date: Fri, 09 Nov 2007 07:54:17
In Reply to: [gentoo-council] Council meeting summary for 8 November 2007 by Donnie Berkholz
On Thu, 2007-11-08 at 14:25 -0800, Donnie Berkholz wrote:
> Here is the summary from today's council meeting. The complete log will > show up at shortly.
> Baselayout-2: uberlord will continue to maintain it > ---------------------------------------------------
> lu_zero asked whether we had anything to do about baselayout-2 since > uberlord resigned. He's continuing to maintain it in a git repository > and will remain upstream for it. More details will emerge over time.
> kingtaco raised the question of trusting external releases and hosts. > Some responses suggested that using git may prevent the malicious > host, > because of the possibility of GPG-signed tags. He mentioned the > possibility of the infra team hosting Gentoo-critical repositories > with > access by non-Gentoo developers. It's just an idea at this point, but > he's going to talk to the rest of the infra team.
They should be treated in the same way as any other package. Or do you trust a gentoo dev MORE than say a gcc/glibc/kernel/bash/foo dev? If so, why? More to the point, if said dev then joins Gentoo, do you implicitly trust that dev more? As I've gone the other way, do you now trust me less? I'd like to know why also :) At the end of the day, open source is about quite a bit of trust really, regardless of who you are or who (if anyone) you're coding for at the time. And as it may become an external project, it makes things easier to drop it and say move to einit, init-ng or upstart which has been discussed before. Thanks Roy -- gentoo-council@g.o mailing list


Subject Author
Re: [gentoo-council] Council meeting summary for 8 November 2007 Donnie Berkholz <dberkholz@g.o>