On Nov 26, 2009, at 13:45, Lucas Maneos wrote: >> - Suppose tomorrow a security hole is found in openssh, if it's not visible >> in h-a-m how will users know about it?
This is orthogonal. If someone who installs openssh via apt-get hears that they need to upgrade, they'll upgrade via apt-get. If they use HAM, they'll use ham. The question is how do they get informed? This begs the question(s): does maemo.org have a security team? Do they communicate CAN vulnerabilities? Do we have a security policy? > > This is the biggest issue IMHO. In plain words: the platform package > management is a Good Thing(TM), and packages shouldn't fall > outside it, especially not for arbitrary reasons like they don't have a > GUI. This is hardly arbitrary. It is based on the observation that non-GUI apps are hard to use for end users. Do you not agree? Jeremiah _______________________________________________ maemo-community mailing list maemo-community@maemo.org https://lists.maemo.org/mailman/listinfo/maemo-community
