Strawman: merge main and universe
Kees Cook
kees at ubuntu.com
Thu Dec 13 18:58:37 GMT 2007
Hi,
On Wed, Dec 12, 2007 at 10:24:56PM +0000, Scott James Remnant wrote:
> Security support is another angle to take; and another bucket of worms.
What gets security support[1] is a list of packages. I personally don't
care what that list is called, as long as the contents don't change
suddenly, and there is still a manual process that allows packages to
get on the list. I'd propose the following requirements for implementing
the suggested change:
- Whatever seeds end up being defined as "security-supported" should not
differ in content much from the current list of packages in "main".
- As mentioned by Martin, the process for a package crossing over into
the security-supported seeds must be manual, and the approval process
should be as strict as current MIR.
- The list of supported packages should be easy for an end-user to
query. From some of the other threads on this subject, it sounds like
making the package list discoverable is critical to the success of the
plan. And I think this method needs to be separate from Launchpad --
a server admin studying his system needs to be able to ask the
question "what packages do I have installed that are NOT supported?"
without making tons of queries to LP, doing arcane dctrl-greps, or
writing scripts to parse germinate output.
Beyond that stuff, I think it sounds like a great idea, even if it does
result in some higher complexity in places.
-Kees
[1] in this context, I mean "Canonical-sponsored security support".
--
Kees Cook
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20071213/9e5cfaa3/attachment.pgp
More information about the ubuntu-devel
mailing list