1 |
> The list is to discuss functions relating to security itself, |
2 |
> how do you improve your system those kind |
3 |
> of things. warnings relating to security. anyone can post |
4 |
> questions to a list. |
5 |
What has SPAM todo with security?!
|
6 |
|
7 |
> Your gentoo system, is as secure as you the builder of that box, |
8 |
> set it up to be. If you emerge 'unsecure' |
9 |
> things, then you'll have an less than secure box. |
10 |
We're testing currently the gentoo distro if it can be used in a production environment. Within that test is also included the quality of the mailinglists of the maintainer of the distro, in this case Gentoo.
|
11 |
|
12 |
|
13 |
> So how does a public mailing list for discussing security issues |
14 |
> or announcements, have any bearing on the actual security of a product? |
15 |
They reflect on each other. Gentoo has setup a mailinglist where it's possible to send SPAM to, this only because the list is not moderated.
|
16 |
Mailinglist are easy stuff. And because the security of the mailinglist is not that good, so why should the distro than even have better security policy?
|
17 |
|
18 |
The gentoo maintainers have to decide whether a post is qualified to be posted to a list. And what if i announce on the security list that Gentoo has a enormous security bug in it's portage system, while it's not true.
|
19 |
|
20 |
We're subscribed on two mailinglists gentoo-security and gentoo-annouce. Almost every announcement we get three times! One send by the gentoo-security list, the other by the gentoo-annouce list and than we receive a annoucement over both lists..
|
21 |
|
22 |
Further, Announcement of new or upgraded packages shouldn't be on the security list, they belong on the accounce list. Announcements that contains bugs or bug-fixes they belong on the security list.
|
23 |
For example, what has the release of Gentoo 1.4rc1 todo with security?? That's clearly a announcement.
|
24 |
|
25 |
|
26 |
With best regards,
|
27 |
|
28 |
Dave Mertens - Unix Systems Manager
|
29 |
|
30 |
Innovative Solutions in Media BV
|
31 |
Schiekade 101
|
32 |
3033 BG Rotterdam, Netherlands
|
33 |
T +31-10-2436060
|
34 |
F +31-10-2436066
|
35 |
http://www.ism.nl
|
36 |
|
37 |
Quality Solutions - Reliable Partner |