| From: | Dimitri Fontaine <dimitri(at)2ndQuadrant(dot)fr> |
|---|---|
| To: | Bruce Momjian <bruce(at)momjian(dot)us> |
| Cc: | Jean-Paul Argudo <jean-paul(at)postgres(dot)fr>, Stephen Frost <sfrost(at)snowman(dot)net>, Greg Sabino Mullane <greg(at)turnstep(dot)com>, pgsql-advocacy(at)postgresql(dot)org |
| Subject: | Re: Heroku early upgrade is raising serious questions |
| Date: | 2013-04-16 07:21:49 |
| Message-ID: | m2zjwzueia.fsf@2ndQuadrant.fr |
| Views: | Whole Thread | Raw Message | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-advocacy |
Bruce Momjian <bruce(at)momjian(dot)us> writes:
> People will not be happy if we add people to packagers and someone leaks
> information to hackers before the official release.
Indeed. That's the way it works today, though.
> Again, the damage is done if someone leaks information, and being
> removed from packagers doesn't fix the security problem for everyone
> else. We just can't have an iterative process here were we guess who is
> trust-worthy and vulnerable, and then remove people when we are wrong.
Agreed. It's a problem of trust, not of procedure, and that's what I
wanted to stress in my previous email by saying that we already have the
procedure. Thanks for underlining it.
Regards,
--
Dimitri Fontaine
http://2ndQuadrant.fr PostgreSQL : Expertise, Formation et Support
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Simon Riggs | 2013-04-16 07:51:33 | Re: 9.3 Beta 1 Coming Soon! |
| Previous Message | Ian Lawrence Barwick | 2013-04-16 00:51:44 | Re: 9.3 Beta 1 Coming Soon! |