[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [gnu.org #209003] Re: [Savannah-hackers] Outdated file location for
From: |
Sylvain Beucler |
Subject: |
Re: [gnu.org #209003] Re: [Savannah-hackers] Outdated file location for AUCTeX? |
Date: |
Tue, 31 Aug 2004 21:38:05 +0200 |
User-agent: |
Mutt/1.4.2.1i |
On Mon, Aug 30, 2004 at 06:25:23PM -0400, James Blair via RT wrote:
> Sorry for the delay, I wanted to have a conversation with Bradley Kuhn
> about this before I responded.
>
> It is disturbing that this directory is being mirrored. The last thing
> we want to do is distribute possibly compromised code. We should indeed
> pull it ASAP. How about this proposal:
>
> 1) Move contents of ftp.gnu.org/savannah out of the way
> 2) Make them available to people by email request
> 3) Replace with a README that explains:
> a) about the compromise
> b) what resources are available to developers that would like to
> audit their code
> c) whom to contact by email to get those resources
> d) whom to contact by email to report results of an audit
> 4) Possibly include a list of packages and their audit status?
>
> I don't think we've received an audit report in a very long time, so I
> don't expect that we'll actually get many (if any) requests. Would
> savannah-hackers be interested in storing these resources on the
> Savannah server (in a non-public-accessible location) and being the
> point of contact for requests?
The Savannah hackers agree to take this in charge :)
--
Sylvain