Ben Bucksch wrote: > > I am very glad about that, as I really need that info, but that's also > why I see it as something like "stating the necessarity". But the > proposal doesn't even allow me do to everything I need to do for Beonex.
Could you be specific about what you feel you would need to do for Beonex that you would not be able to do as a member of the security group? It seems to me that as such, you would have full access to all security bugs and could do whatever you feel necessary with them, short of disclosing the full details of the bug. This would include notifying your users of the bug's existence as soon as it is found (provided you only do so in a vague way) and supplying a patch the moment it is available. What else do you feel you need to do? Stuart.
