Chris McDonough wrote: > I'm wondering if you might consider applying for checkin privileges.
I've considered it. I don't think you need anymore cooks, maybe just a few more recipes. > The host header issue that you've uploaded several patches for is a > bonafide problem for some users, but I think that most people with > checkin privs feel that it isn't sufficiently dangerous to the majority > of users to take the time out to review all of your patches and vouch > for them via a checkin (this might take a day or so to do). Well then that either means I'm not explaining it well enough, or I'm wrong, or something. What I'm shooting for is some discussion of the issue, which to use bug 813 as an example, is why I asked for it to be made public. Even after going into more explicit detail on the zope list though I got exactly 0 followups, so I was starting to think people just didn't really care all that much. Thankfully this thread came along... > OTOH, if you could just check them in yourself, you would no longer > feel disenfranchised. I don't actually feel disenfranchised, just confused as to what kind of commitment to security ZC is making. My disapointment stems from my lack of ability to get any feedback on the bugs I've submitted. Its kinda happening now, but having to kick up dust to make it happen is less than ideal. I'm also worried about the amount of reported bugs versus the activity occuring to fix them. I understand many of them are probably "I did X and Y crashed, and gosh I think it might be a security problem in Z." without any analysis apart from random observation, which is sort of a pain in the ass to deal with, but they aren't visible, and thus I worry they aren't all like 493. (of which 494 is a public dupe <g>) -- Jamie Heilman http://audible.transient.net/~jamie/ "Paranoia is a disease unto itself, and may I add, the person standing next to you may not be who they appear to be, so take precaution." -Sathington Willoughby _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )