The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: new maintainers

To: "Susan G. Kleinmann" <sgk@kleinmann.com>
Subject: Re: new maintainers
From: Christian Schwarz <schwarz@monet.m.isar.de>
Date: Mon, 24 Mar 1997 16:24:10 +0100 (MET)
Cc: Tim Sailer <tps@users.buoy.com>, debian-private@lists.debian.org
In-reply-to: <199703232034.PAA11951@kleinmann.com>
Resent-cc: recipient list not shown: ;
Resent-date: 24 Mar 1997 16:09:39 -0000
Resent-from: debian-private@lists.debian.org
Resent-message-id: <"RKZjR2.0.5q5.2TgDp"@debian>
Resent-sender: debian-private-request@lists.debian.org

On Sun, 23 Mar 1997, Susan G. Kleinmann wrote:

> Tim Sailer wrote:
> > On Mar 23, bruce@debian.novare.net wrote
> > > The part that seems to be intolerable to me is that I can not, in all hones
> ty,
> > > tell someone that I know who the programs in Debian came from.
> > 
> > This is one of the major stumbling blocks I have getting Debian in at
> > BNL. 
> 
> Right on.  For example, look at the "copyright" file on the qcrack package:
> --no author is named, 
> --there is no copyright definition for the qcrack program itself (just
>   a copyright date)
> --there is no copyright definition for the fcrypt program on which 
>   qcrack is based (just a copyright date), and 
> --fcrypt itself is probably under ITAR control!
> 
> I filed a bug report last week saying qcrack should be removed, but the 
> existence of even one package like this in the distribution is 
> frightening to me.

I just had a quick look to our Policy Manual and discovered that there is
no section covering things like "upstream maintainer authentication" or
some similar. (The section "Package copyright" only seams to cover our
rights to copy/distribute a program.)

IMHO we have to define some guidelines about these issues _ASAP_, and
every maintainer should check if his packages fulfill these. It would be
nice if someone could come up with a draft, here.

BTW, what's the current status of our discussion about verifying our
maintainers identity? If we have some decision on this, we should add this
to our Policy Manual.

Thanks,

Chris

--                 Christian Schwarz
Do you know         schwarz@monet.m.isar.de, schwarz@schwarz-online.com,
Debian GNU/Linux?    schwarz@debian.org, schwarz@mathematik.tu-muenchen.de

Visit                  PGP-fp: 8F 61 EB 6D CF 23 CA D7  34 05 14 5C C8 DC 22 BA
http://www.debian.org   http://fatman.mathematik.tu-muenchen.de/~schwarz/

References:
- Re: new maintainers
  - From: "Susan G. Kleinmann" <sgk@kleinmann.com>

Prev by Date: Re: new maintainers
Next by Date: purpose of our Policy Manual?
Previous by thread: Re: new maintainers
Next by thread: Re: new maintainers
Index(es):
- Date
- Thread