savannah-hackers
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [gnu.org #209003] Re: [Savannah-hackers] Outdated file location for


From: Sylvain Beucler
Subject: Re: [gnu.org #209003] Re: [Savannah-hackers] Outdated file location for AUCTeX?
Date: Tue, 31 Aug 2004 21:38:05 +0200
User-agent: Mutt/1.4.2.1i

On Mon, Aug 30, 2004 at 06:25:23PM -0400, James Blair via RT wrote:
> Sorry for the delay, I wanted to have a conversation with Bradley Kuhn
> about this before I responded.
> 
> It is disturbing that this directory is being mirrored.  The last thing
> we want to do is distribute possibly compromised code.  We should indeed
> pull it ASAP.  How about this proposal:
> 
> 1) Move contents of ftp.gnu.org/savannah out of the way
> 2) Make them available to people by email request
> 3) Replace with a README that explains:
>    a) about the compromise
>    b) what resources are available to developers that would like to
>       audit their code
>    c) whom to contact by email to get those resources
>    d) whom to contact by email to report results of an audit
> 4) Possibly include a list of packages and their audit status?
> 
> I don't think we've received an audit report in a very long time, so I
> don't expect that we'll actually get many (if any) requests.  Would
> savannah-hackers be interested in storing these resources on the
> Savannah server (in a non-public-accessible location) and being the
> point of contact for requests?


The Savannah hackers agree to take this in charge :)

-- 
Sylvain




reply via email to

[Prev in Thread] Current Thread [Next in Thread]