Ben Finney <[EMAIL PROTECTED]> writes: > Xavier Luthi <[EMAIL PROTECTED]> writes: > > > In the case of the webapp packaged for Debian, the installation > > time is not always the same as the configuration time, so it is > > not an option to use the upstream method to set the password: this > > would be a big security hole. That's why the Debian package of a > > webapp often needs to diverge from the upstream source in the way > > the application is configured. > > Such divergence is to be avoided where possible. [...]
This (and the rest of the paragraph) is phrased poorly, with a corollary left unimplied. Better is: Such divergence, though sometimes necessary, should be resolved as soon as possible by working with the upstream developers to merge Debian's improvements into a future upstream release. -- \ “Simplicity is prerequisite for reliability.” —Edsger W. | `\ Dijkstra | _o__) | Ben Finney -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
