I recall having one conversation with him when he worked at Hortonworks (maybe still does? - I don't know) about adding a RPM build target to HBase, which didn't make much sense for us in my present opinion, and I believe we politely declined at the time. I presumed he was involved with distribution packaging there.
> On Mar 12, 2016, at 9:31 PM, Konstantin Boudnik <[email protected]> wrote: > > Who's that fella anyway? I have a vague recollection that he was at Y!, > walking around and whining about everything? Or was it a different Eric? I am > getting old and want to forget all the unpleasant episodes in my life. > > Anyway, his logic is flawed and lead us to the extreme where we just have to > stop using any software out there, because there might be some vulnerability. > While we need to strive to make our product better and safer for users, there > are also realities and things we do not control. > > There's quite positive part in this whole discussion: I really like that the > other people in the ecosystem look at us as the de-facto focal point of the > stack integration. I think the mission is accomplished! But let's not rest > here just yet ;) > > Cos > >> On Sat, Mar 12, 2016 at 08:30PM, Roman Shaposhnik wrote: >> Hi! >> >> our good friend Eric Yang has been at it again: spreading >> FUD about Bigtop: https://s.apache.org/KglM >> >> Nothing new, aside from this quote: >> ==================================================== >> Bigtop contains /lib/lsb/init-functions which will import redhat-lsb-core >> which imports exim. Exim is known for common root escalation >> vulnerability. If you value your cluster security, I would recommend to >> think twice before using BigTop. >> ==================================================== >> >> Could someone who's dealt with security for real (Olaf -- your >> name came to mind immediately) please comment on that >> JIRA thread? >> >> Typically I wouldn't feed Eric 'the troll' Yang, but I think having >> this type of allegation in a public record could be pretty bad for >> us. >> >> Thanks, >> Roman.
