| 1 |
"Dave Mertens" <dmertens@×××.nl> writes: |
| 2 |
|
| 3 |
> What has SPAM todo with security?! |
| 4 |
|
| 5 |
Eh, isn't it part of the definition of SPAM, that it does not have any |
| 6 |
context? |
| 7 |
|
| 8 |
> We're testing currently the gentoo distro if it can be used in a |
| 9 |
> production environment. Within that test is also included the |
| 10 |
> quality of the mailinglists of the maintainer of the distro, in this |
| 11 |
> case Gentoo. |
| 12 |
|
| 13 |
I have my doubts about mailinglists being a good way to judge the |
| 14 |
quality of a project. |
| 15 |
|
| 16 |
> They reflect on each other. Gentoo has setup a mailinglist where |
| 17 |
> it's possible to send SPAM to, this only because the list is not |
| 18 |
> moderated. |
| 19 |
|
| 20 |
So, in your opinion all lists should be moderated? Spam is annoying, |
| 21 |
of course, but making all lists moderated is not a solution in my |
| 22 |
opinion, because it makes communication also more complicated in a |
| 23 |
way. Look at (open) mailinglists as some kind of technical mechanism. |
| 24 |
Not more. It is the then users job to read what he wants to read and |
| 25 |
to skip what he wants to skip. He can install filters on his |
| 26 |
computer, if he wants to. |
| 27 |
|
| 28 |
> Mailinglist are easy stuff. And because the security of the |
| 29 |
> mailinglist is not that good, so why should the distro than even |
| 30 |
> have better security policy? |
| 31 |
|
| 32 |
"The security of the mailinglist is not good" does not make much |
| 33 |
sense; I cannot see any security leak, because the list worked as |
| 34 |
expected. Or can you see a security leak? |
| 35 |
|
| 36 |
> The gentoo maintainers have to decide whether a post is qualified to |
| 37 |
> be posted to a list. |
| 38 |
|
| 39 |
I disagree. |
| 40 |
|
| 41 |
> And what if i announce on the security list that Gentoo has a |
| 42 |
> enormous security bug in it's portage system, while it's not true. |
| 43 |
|
| 44 |
There should be way to proove wether such a posting is a fake or not - |
| 45 |
for instance via signatures. |
| 46 |
|
| 47 |
moritz |
| 48 |
-- |
| 49 |
moritz@×××××××××××××××.de - http://duesseldorf.ccc.de/~moritz/ |
| 50 |
GPG fingerprint = 3A14 3923 15BE FD57 FC06 B501 0841 2D7B 6F98 4199 |
Archives