Future of MOTU
jamie at canonical.com
Mon Feb 22 14:46:29 GMT 2010
On Mon, 2010-02-22 at 12:53 +0900, Emmet Hikory wrote:
> iii) MOTU SWAT needs help, especially as it moves from "universe" to
> "unseeded packages". I believe that extended discussion is worthwhile
> between the MOTU SWAT team and the Ubuntu Security team to determine
> if all security efforts could follow a standardised process and be
> handled by a single extended team (with some potential for separation
> within the team to support embargoed information, disclosure
> requirements, etc.). If MOTU SWAT is to remain separate, some work
> will need to be done on the tools to help better track what packages
> need attention and when.
I think in a lot of ways, this is already done. We just need more people
to get involved in the process.
Due to limitations in Launchpad, MOTU-SWAT still needs to be a separate
team from ubuntu-security (this is due to the ubuntu-security PPA
containing embargoed items and the fact that you must be a member of
ubuntu-security to publish from this PPA to the security pocket). We've
long wanted MOTU-SWAT to be able to manage themselves and we can
help/comment on procedures when the LP limitations are gone.
That said, with the help of various MOTU folk we identified
improvements in the security sponsorship process and have implemented
changes to address them and make our processes more like other teams.
The ubuntu-security-sponsors team was created, which MOTU-SWAT is a
member. Links for the security sponsorship processes are also integrated
into the the main SponsorshipProcess, just like with other teams.
Each week a member of the ubuntu-security team is assigned to process
bugs in our SponsorsQueue. So far, we've been doing all review as well
as publication, but MOTU-SWAT can get involved in the review process
which is really the most important part (while the ubuntu-security team
is required for publication, this is simply a matter of copying packages
Jamie Strandboge | http://www.canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 198 bytes
Desc: This is a digitally signed message part
Url : https://lists.ubuntu.com/archives/ubuntu-motu/attachments/20100222/640c89ed/attachment-0001.pgp
More information about the Ubuntu-motu