[packman] Packman security policy questions

Aniruddha mailing_list at orange.nl
Sat Nov 3 09:42:00 CET 2007


On Sat, 2007-11-03 at 09:02 +0100, Toni wrote:
> Am Samstag, 3. November 2007 schrieb Aniruddha:
> > I am planning to support openSUSE 10.3 for both companies an home users.
> > I have found the Packman repository irreplaceable to get openSUSE
> > working in all it's glory. Thank you for that.
> >
> > Now on with the more serious questions. My basic question is; I do trust
> > you guys, but how good are your security policies? Is the original
> > source checked for signs of malware? What is your policy for security
> > fixes? Who monitors them? What is the maximum response time if a
> > vulnerability is discovered? Thanks in advance.
> oh, you want to donate and pay us for our spare time, so we can think 
> about "security policies" and "levels of services", and especially 
> response-times for you. I'm thinking of a "special service level", what do 
> you think about 1-2 hours as response time? Is this quick enough for you?
> Ant we need more staff to monitor your wishes, and of course more hardware to 
> create and maintain databases for such issues...
> 
> If you want to be sure, please don't use our packages...
> That's great! Awesome, best question ever heard....
> 
> Thx, you made my day :)

Can you at least try to stay on topic? You haven't addressed my
questions nor provided a valid argument. 

If you need an example on how you can answer to such questions without
becoming rude look here:
http://forums.gentoo.org/viewtopic-t-608969-highlight-.html



-- 
Regards,

Aniruddha






More information about the Packman mailing list