[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-hackers] Re: Savannah situation
|
From: |
Bradley M. Kuhn |
|
Subject: |
[Savannah-hackers] Re: Savannah situation |
|
Date: |
Thu, 18 Dec 2003 09:58:30 -0500 |
|
User-agent: |
Mutt/1.5.4i |
Mathieu Roy wrote:
> But, clearly, making this kind of decision without discussion, just
> keeping us waiting without knowing what was going on, is clearly the
> major mistake.
This is precisely why we apologized, and I now apologize again. I hope
that we can now move past the anger and work together.
> That was what debian did. packages.debian.org is still unavailable (not
> a big deal) but security.debian.org was up 2 or 3 days after the
> compromised.
Comparing security.debian.org to savannah isn't really a good comparison;
they are very different systems. Debian's CVS server was down for quite a
while, AFAIK.
Regardless, by now, I hope you've seen Eben's message. We do have a legal
obligation to carry out due diligence to secure the system before
providing services again. That's what we are doing, hopefully in
cooperation with savannah-hackers. As you can see elsewhere on this
thread, we've been talking with Rudy about plans to bring the system back
online. I hope you will choose to join that discussion.
> I do not get exactly what help you would need. Installing apache, mysql
> etc is pretty trivial. Securing these tools take some time but cannot be
> done by 5 persons at the same time.
You are the expert on the savannah software itself, and we would love to
have your help.
> I think you have now to finish what you started.
We will of course finish securing the system infrastructure of the
machine, but we will need the help of the savannah hackers with the
software you have written. We are here to help and make savannah better
than it was before, and we hope you will be part of the process that does
that.
> If you need specific information from me, I can provide it, you can send
> a mail.
Thank you for making yourself available.
> Until now, I did not seen any plan, any schedule.
Paul posted a message about plans regarding the various plans for the
secured changes to savannah's system level services. We didn't see any
comments from you on that. We look forward to them.
We plan to complete the items listed there today, and hope to work today
with some savannah hackers to get the savannah software running.
--
Bradley M. Kuhn, Executive Director
Free Software Foundation | Phone: +1-617-542-5942
59 Temple Place, Suite 330 | Learn more about FSF and how you can help:
Boston, MA 02111-1307 USA | http://svcs.affero.net/rm.php?r=bkuhn&p=FSF
pgpvkfASXmtQZ.pgp
Description: PGP signature
- Re: [Savannah-hackers] Savannah situation, (continued)
- Re: [Savannah-hackers] Savannah situation, Bradley M. Kuhn, 2003/12/17
- Re: [Savannah-hackers] Savannah situation, Rudy Gevaert, 2003/12/18
- Re: [Savannah-hackers] Savannah situation, Rudy Gevaert, 2003/12/18
- Re: [Savannah-hackers] Savannah situation, Bradley M. Kuhn, 2003/12/18
- Re: [Savannah-hackers] Savannah situation, Vincent Caron, 2003/12/18
- Re: [Savannah-hackers] Savannah situation, Rudy Gevaert, 2003/12/18
[Savannah-hackers] Re: Savannah situation, Mathieu Roy, 2003/12/18
[Savannah-hackers] Re: Savannah situation,
Bradley M. Kuhn <=