guix-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FW: [oss-security] accepting new members to (linux-)distros lists

From: Ludovic Courtès
Subject: Re: FW: [oss-security] accepting new members to (linux-)distros lists
Date: Mon, 10 Jul 2017 17:53:24 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux) 
Leo Famulari <address@hidden> skribis:

> On Wed, Jul 05, 2017 at 01:33:05PM -0400, Mark H Weaver wrote:
>> address@hidden (Ludovic Courtès) writes:
>> > The real question is about our commitment to contribute back.
>> > Presumably only one or two of us would be on that list, so they would
>> > largely have that responsibility individually, even if the rest of us
>> > could of course help out as far as the embargo etc. permits.
>> >
>> > Long story short, I would be super happy if you or Mark were on that
>> > list.
>> >
>> > How do you feel about it?
>> 
>> It might be that joining linux-distros is the right thing to do, but I
>> don't have the spare capacity to contribute back at this time.  Also, I
>> have mixed feelings about promising to keep security flaws a secret for
>> however long I'm asked to do so (which apparently exceeded the time
>> specified in the mailing list rules for Stack Clash).  I'm not yet
>> prepared to make such a promise.
>
> I also don't have the time to contribute back to the linux-distros list
> at the level required in the list membership criteria.
>
> The work I do for Guix is my best effort and I think it's understood
> that, as a volunteer, there will be times when I am unavailable. My
> job's schedule is irregular and has to take precedence.
>
> On the other hand, it seems like the linux-distros mailing list
> community is trying to formally assign tasks for members to fulfill for
> the benefit of their community.
>
> Currently, I can't commit to doing any task by myself for the entire
> Linux distro community. Also, I don't think there is anybody on the list
> who knows me and could vouch for me alone.
>
> If there were another Guix member who could split the task, and had
> someone to vouch for them, that could make it possible. But based on the
> replies in the last 10 days, it doesn't seem to be the case.

There’s a handful of Guix contributors who’ve been active on security
fixes, so it would be great if one of them could team up with you!

Ludo’.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]