re-vision on the ARB

[Jonathan Carter]

On 17/08/2012 12:50, Allison Randal wrote:
>> Despite the best efforts of the ARB, the gatekeeper approach is
>> definitely not working. With this in mind I have been working with
>> some folks to propose a new process for app devs. I will post about it
>> next week when some of the thinking is jotted down.
> 
> I've been pondering what my ideal ARB process might look like, and it
> seems to be completely upside down of what we have now. Instead of
> manually verifying that each app meets the policy, we automatically
> verify what we can (which could include /opt path checks and apparmor
> profile checks), and have the system just publish if it passes those
> checks. Make sure we have an easy way for users to report any violations
> or bad effects, and be very responsive to remove offending packages.

That would be awesome! I think it's the only way you could have the
process scale.

I also think it might be a good idea to have a quarantine (like
-proposed) first, so perhaps an app could go into some staging-like
repository first and if early adopters havnen't found a major problem or
violation with it within a certain short period of time (could be as
short as a day or two) then it could be moved over to the main
repository. I just think it's important to be weary of kids who are
going to upload things that are going to remove all your documents or
something silly like that as a prank.

> That could break us free of the gatekeeper trap, and give us time to
> work on better automated checks and better automated packaging.

Sounds great.

-Jonathan