The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Buffer overruns etc.

To: joost witteveen <joost@rulcmc.leidenuniv.nl>
Subject: Re: Buffer overruns etc.
From: Behan Webster <behanw@verisim.com>
Date: Tue, 22 Jul 1997 12:03:44 -0400
Cc: Thomas.Koenig@ciw.uni-karlsruhe.de, debian-private@lists.debian.org
Organization: Verisim, Inc. http://www.verisim.com/
References: <m0wqd3d-000CL1C@rulcmc.leidenuniv.nl>
Resent-cc: recipient list not shown: ;
Resent-date: 22 Jul 1997 17:03:33 -0000
Resent-from: debian-private@lists.debian.org
Resent-message-id: <"0c-Ix.0.YJ4.bVErp"@debian>
Resent-sender: debian-private-request@lists.debian.org
Sender: behanw@debian.novare.net

joost witteveen wrote:
> 
> Maybe to create an extra insentive, we could add a "security" field
> to the packages[1]. All packages in the above list would start of
> with something like "insecure" in that field (all packages outside
> the above list would have something like "doesnotapply").
> 
> After some kind of source-code review has passed for the "insecure"
> packages, the security field would be upgraded to "checked".
> 
> Then, people can list mark/configure system as eighter "secure" or
> "dontcare", and dpkg would refuse to install "insecure" packages
> on "secure" system.

An excellent idea!

Might I suggest just 2 new keywords for the proposed "Keywords:"
header for deity?  A simple "secure" and "insecure" keyword would
allow people to specify that they'd only want to be offered
"secure" packages in deity's selection list.

The "Keywords" header allows us to add new keywords with impunity
and have any version of deity handle them instantly, albeit with
a little user intervention (i.e. new keywords would have to be
selected manually by the user until a keyword is classified, and
explicitly added to deity).

Just to explain, deity uses a user supplied list of keywords to
figure out what packages the user would like to be offered for
installation.  The idea is that the keywords are used to pare
down the list of available packages to those that the user might
be interested in.  By using this system, the average user will
hopefully have a list of only 200-300 packages to go through
instead of 1300.  This is explained in the deity UI spec which
was released yesterday.

Thanks,

Behan

-- 
Behan Webster     mailto:behanw@verisim.com
+1-613-224-7547   http://www.verisim.com/

--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Follow-Ups:
- Re: Buffer overruns etc.
  - From: "Christian Hudon" <chudon@ee.mcgill.ca>

References:
- Re: Buffer overruns etc.
  - From: joost@rulcmc.leidenuniv.nl (joost witteveen)

Prev by Date: gated
Next by Date: Re: contrib/non-free policy
Previous by thread: Re: Buffer overruns etc.
Next by thread: Re: Buffer overruns etc.
Index(es):
- Date
- Thread