[Discuss] kernel.org

Edward Ned Harvey blu at nedharvey.com
Thu Oct 6 19:48:21 EDT 2011


> From: Jon Masters [mailto:jonathan at jonmasters.org]
> 
> On Wed, 2011-10-05 at 11:25 -0400, markw at mohawksoft.com wrote:
> > >> From: Jon Masters [mailto:jonathan at jonmasters.org]
> >
> > > Nothing against John or Peter, but there's such a thing as change
> > > management.  If it was easy to put it back up quickly and safely, but it
> > > needs to be overhauled to enhance functionality, then the thing to do is
> > > put it back up quickly, and plan the overhaul in such a way that it
> > > doesn't entail a month of downtime.
> 
> Which would be a better headline?
> 
> 1). "kernel.org rooted again, lax security blah blah blah. Film at 11!"
> 2). "kernel.org still down, everyone sucks".
> 
> I have to say I favor the latter.

Agreed.  But I feel like this converstaion is going around in circles.  Originally I said by not getting it back up, they're basically acknowledging that it would be unsafe to do so, and I commented, if they don't have adequate security, what are the rest of us to do?  And then you said you conclude a different conclusion - let's give them the benefit of the doubt - that they're working very hard and it's very complex.  Which, I think, is actually not a contradiction...

I commented tangentially - Aren't they doing the same thing at github?  According to Peter's email, it seems the flaw was using shell access to the git repositories.  Isn't that what github does?




More information about the Discuss mailing list