Mailinglist Archive: opensuse-buildservice (349 mails)

< Previous Next >
[opensuse-buildservice] FYI [Fwd: Re: [packman] Packman security policy questions]
  • From: Aniruddha <mailing_list@xxxxxxxxx>
  • Date: Sat, 03 Nov 2007 09:43:46 +0100
  • Message-id: <1194079426.15172.59.camel@xxxxxxxxxxxx>
Fyi, here's the mail I send to the Packman mailing list with the answer:

-------- Forwarded Message --------
From: Toni <toni@xxxxxxxxxxxxxx>
To: packman@xxxxxxxxxxxxxx
Cc: Aniruddha <mailing_list@xxxxxxxxx>
Subject: Re: [packman] Packman security policy questions
Date: Sat, 3 Nov 2007 09:02:15 +0100

Am Samstag, 3. November 2007 schrieb Aniruddha:
I am planning to support openSUSE 10.3 for both companies an home users.
I have found the Packman repository irreplaceable to get openSUSE
working in all it's glory. Thank you for that.

Now on with the more serious questions. My basic question is; I do trust
you guys, but how good are your security policies? Is the original
source checked for signs of malware? What is your policy for security
fixes? Who monitors them? What is the maximum response time if a
vulnerability is discovered? Thanks in advance.

oh, you want to donate and pay us for our spare time, so we can think
about "security policies" and "levels of services", and especially
response-times for you. I'm thinking of a "special service level", what do
you think about 1-2 hours as response time? Is this quick enough for you?
Ant we need more staff to monitor your wishes, and of course more hardware to
create and maintain databases for such issues...

If you want to be sure, please don't use our packages...
That's great! Awesome, best question ever heard....

Thx, you made my day :)

To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups