On Tue, Jul 26, 2005 at 02:33:12PM -0400, Chris Santerre wrote: > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > > Herb Martin writes: > > > Normally in an open source project anyone who wishes to > > > listen, lurk, and read or even use the bleeding edge code > > > is free to do so to learn and get into the frame of the > > > project. > > > > > > That cannot be true (to the same extent) if there are > > > security layers that make such gradual involvement > > > difficult. > > > > Yep, this is entirely true -- and this is the reason why the > > ASF suggests > > that lists should be open if at all possible. > > > > It's a tricky conundrum -- need to think about this some more... > > I don't see official rules majorly discussed in the open now. With a new > release of SA, you don't go into detail about what new rules are looking > for, so why should that change.
If they aren't discussed in the open right now, they aren't being discussed. :-) The development process is perfectly open right now, yet it's not a problem; i.e. we don't have any evidence that spammers are exploiting this. > People who update from SARE, just hear: "Hey xxxx.cf got updated." And they > go and get it. Or they don't even know it gets updated and the RDJ script > does it. So public is pretty good at just accepting the rule updates. Yes, but it's difficult for people to join SARE, or learn what goes into rule development. If all the development takes place in private, then there's no way for newcomers to join and this is a really bad thing. > Having an open public discussion on new rule ideas, pretty much defeats the > purpose. I'd like to see the data that supports this claim. I'm really skeptical. -- Duncan Findlay
signature.asc
Description: Digital signature
