Mail archive
alpine-devel

Re: [alpine-devel] Teams and organisation (WAS: Fw: Improving cross-distribution security)

From: Natanael Copa <ncopa_at_alpinelinux.org>
Date: Thu, 14 Mar 2019 17:11:31 +0100

On Fri, 1 Mar 2019 21:19:01 -0500
Chloe Kudryavtsev <toast_at_toastin.space> wrote:

> > My personal opinion is that we need a team of (at least semi-)dedicated people
> > on a Security SIG to first and foremost:
> > - Maintain a security advisory program as a service for Alpine users.
> > - Make sure we are properly tracking and patching new vulnerabilities, both
> > through open-source intelligence and information sharing with other
> > distributions.
> >
> > [1]: https://docs.google.com/document/d/1TIGk24yLdoAC-JAH7IQzCAkxzX_YocUiHVbeSt-WZsk/edit?usp=sharing
>
> I disagree with your outlined approach, for various reasons.
> After a discussion over on IRC, we agreed on a more general team-based
> management approach.
> Please find the resulting draft proposal here[1].
>
> We also both agreed that something along these lines must be done, for
> many reasons.
> Kaniini has also expressed preemptive support in #alpine-devel.
>
> Hopefully, a deeper and more detailed discussion will take place (likely
> over IRC) within the next few days.
>
> [1]: https://p.toastin.space/F7MDfw?asciidoc

This has been suggested before. Wilcox had some good points and
suggestions[1].

And we need this badly. We are not lacking volunteers, but problem is
that I have become in a position that everything blocks on me. I want
fix that.

What would be the simplest way to get this started? We already have a
semi-team for infra, with Carlo as team lead.

We could probably also get a docs team running immediately, with Chloe
as team lead.

That would be a good start I think.

[1]: http://lists.alpinelinux.org/alpine-devel/5811.html
[2]: http://lists.alpinelinux.org/alpine-devel/6215.html


-nc


---
Unsubscribe:  alpine-devel+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-devel+help_at_lists.alpinelinux.org
---
Received on Thu Mar 14 2019 - 17:11:31 UTC