1 |
On Monday 08 November 2004 11:02, Alexander Holler wrote: |
2 |
> So you have on the one side carefully crafted environments to protect |
3 |
> the system/user from software-failures or attackers, but on the other |
4 |
> side there is portage which is run regulary and is fetching scripts from |
5 |
> the internet which are run unchecked by root. |
6 |
> |
7 |
> I think this explains why I doesn't understand that nobody cares about |
8 |
> that. |
9 |
|
10 |
It really seems to me like you are trolling. The first email you sent was done |
11 |
so after getting frustrated with Mike Frysinger's (vapier) closing of the |
12 |
"versioned eclasses" bug. Yet, what you are talking about here is absolutely |
13 |
nothing to do with that. You made most of the same statements on the bug, but |
14 |
they were off-topic in that bug's context as well. Furthermore, there is |
15 |
already another bug open for that off-topicness. |
16 |
|
17 |
So, let me give you an account of where I see things are at: |
18 |
* SHA1 support is in portage but can't be enabled yet due to compatibility |
19 |
issues. That is, enabling it will prevent user's running <portage-2.0.51 |
20 |
from being able to upgrade. |
21 |
* Ebuild signing support is in portage and is starting to be adopted. |
22 |
Presently, there is a push for developer education. |
23 |
* CVS portage now runs most ebuild phases as the portage user rather than |
24 |
root and work is being done to support the last few as well. |
25 |
* Eclass, package and profile signing are all currently being worked on (and |
26 |
had begun before you started trolling) |
27 |
|
28 |
The thing you seem to keep coming back to is why it hasn't already been |
29 |
completed. You've been given the answer to that several times - lack of time |
30 |
and higher priority issues. What I really would like to know is why you are |
31 |
trying to tie up so much more of the time of the people that you would have |
32 |
implement support for these critical features with these pointless emails? |
33 |
|
34 |
Regards, |
35 |
Jason Stubbs |
36 |
|
37 |
-- |
38 |
gentoo-security@g.o mailing list |