[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: follow-up to report 22
|
From: |
Graham Percival |
|
Subject: |
Re: follow-up to report 22 |
|
Date: |
Fri, 5 Nov 2010 13:26:02 +0000 |
|
User-agent: |
Mutt/1.5.20 (2009-06-14) |
On Fri, Nov 05, 2010 at 01:46:07PM +0100, David Kastrup wrote:
> Graham Percival <address@hidden> writes:
>
> > ------ from my comment 3
> > Before discussing anything specific, I want to settle the abstract
> > question "should an OSS project have any kind of private mailing
> > list?". You have two options:
>
> Unpatched security flaws affect a small circle of people when we are
> talking about server security, and a possibly large circle when we are
> talking about application security.
But should any discussion of those security flaws and work on
patches be made on a private, non-public mailing list?
> Commit access affects a different small circle of people. If somebody
> uses Savannah to ask for commit access for CVS-based projects, a mail
> will be sent to all people with project administrator status. A similar
> setting would seem to apply for git access.
But should any discussion about granting that access be made on a
private, non-public mailing list?
> Both scenarios involve a clearly-defined set of principally responsible
> people, defined by technical necessities rather than a fuzzy "people
> we(tm) feel good about" criterion.
There is no technical necessity for either of those discussions to
be private. There are a small number of people who are able
(technically) to give that access, but that is not a
social/organizational reason against having a larger discussion
about it.
The "fuzzy" comment is a complete non-sequeteur when we are
debating the abstract notion of a private mailing list.
> I am not particularly emotionally affected, merely trying to explain why
> others might feel more strongly about this.
I know why others might feel more strongly about it. If others
had a bloody brain on their shoulders, and actually read what I
wrote, and actually thought about what it meant, instead of going
on an insane backstabbing rant, they might realize that my motives
are exactly the same as theirs.
I repeat: do you (not necessarily "David", but "anybody") agree
that an OSS project can, in theory, have some kind of private
mailing list?
If not -- and if you (again, a general "you") really feel that we
need to delay 2.14 in order to debate this -- then let's debate
the abstract question. For the record, I believe that in some
cases, a private mailing list is appropriate. I believe there is
ample evidence that other projects have reached the same
conclusion. I believe that at least one set of guidelines for
runnning OSS projects explicitly recommends such a list.
If you -- all of you -- agree that in some cases, a private
mailing list is appropriate, then we could move on to the next
step. Which case(s) are appropriate for lilypond, how should it
be organized, etc. If you think it's worth delaying 2.14 in order
to debate this.
- Graham
- follow-up to report 22, Graham Percival, 2010/11/04
- Re: follow-up to report 22, Valentin Villenave, 2010/11/04
- Re: follow-up to report 22, Reinhold Kainhofer, 2010/11/04
- Re: follow-up to report 22, David Kastrup, 2010/11/05
- Re: follow-up to report 22, Graham Percival, 2010/11/05
- Re: follow-up to report 22, David Kastrup, 2010/11/05
- Re: follow-up to report 22,
Graham Percival <=
- Re: follow-up to report 22, Carl Sorensen, 2010/11/05
- Re: follow-up to report 22, Graham Percival, 2010/11/05
- Re: follow-up to report 22, Carl Sorensen, 2010/11/05
- Re: follow-up to report 22, Valentin Villenave, 2010/11/05
- Re: follow-up to report 22, Carl Sorensen, 2010/11/05
- Re: follow-up to report 22, Valentin Villenave, 2010/11/05
- Re: follow-up to report 22, Carl Sorensen, 2010/11/05
- Re: follow-up to report 22, Valentin Villenave, 2010/11/05
- Re: follow-up to report 22, Carl Sorensen, 2010/11/05
- Re: follow-up to report 22, David Kastrup, 2010/11/05