| 1 |
On Tue, Sep 07, 2004 at 07:09:27PM +0200 or thereabouts, Christian Parpart wrote: |
| 2 |
> Some questions remain anyway. WHO exactly may submit (have write access), and, |
| 3 |
> how to get into this new idea to get a bit more attention in public? |
| 4 |
|
| 5 |
Well, ideally, everyone would have write access. If that freaks people out |
| 6 |
a bit too much, then you could have some sort of cursory review process |
| 7 |
where a group of people review ebuilds to make sure they don't have any |
| 8 |
nastiness in them. |
| 9 |
|
| 10 |
If you restrict who can access the system too much, then you end up where |
| 11 |
we are now, with no net improvement. |
| 12 |
|
| 13 |
As for getting more attention to it -- start up threads on -dev asking for |
| 14 |
ideas. Write a GLEP. Make a fuss. :) |
| 15 |
|
| 16 |
BTW, one very real criticism of my original idea that will need to be |
| 17 |
addressed if anything is to be approved is ongoing maintainership of these |
| 18 |
user-submitted ebuilds. It's one thing to submit an ebuild via this fancy |
| 19 |
new system, but when that package has a security problem, someone needs to |
| 20 |
be there to bump the ebuild. You should not expect the current devs to |
| 21 |
take on this responsibility, nor should you expect the security team to. |
| 22 |
There will need to be some provisions made for ongoing support of these |
| 23 |
ebuilds. |
| 24 |
|
| 25 |
--kurt |
Archives