Archive for December 2005

dak dsa

So the final implementation detail in the embargoing scheme is providing a tool to move stuff from the embargoed and unembargoed queues into the archive. The existing tool the security team use is called “amber” (after the inimitable Amber Benson). amber’s pretty simple: it takes a DSA number, and the .changes files you’re looking at; […]

Changing The Security Infrastructure

One of the most exciting things about working on Debian is that since it’s developed in the open, when you want to make changes everyone sees them, so depending on what you’re working on, the risk of breaking stuff can provide a real adrenaline rush, while you’re just sitting in your chair. So what better […]

Waiting on DSA

A brief case study in a flamewar diverted. The release managers are currently preparing a followup to the architecture requalification, following the efforts made over the past couple of months. Four ports are currently looking shaky, namely m68k, arm, s390 and sparc. An early draft begins going into the details by saying the following: ARM […]

On Joey on Permissions

At the end of an interesting piece on permissions, Joey Hess concludes: I could give many more examples of subsystems in Debian that exist at different point in the spectrum between locked down unix permissions and a wiki. There seems to be a definite pull toward moving away from unix permissions, once ways can be […]

Security Infrastructure Changes

Delays suck. I’m actually skipping ahead here, I’d meant to blog about updating the dak codebase into shape for whatever changes were coming up first, but it turns out I’m not in the mood for that. Besides which, most of this entry is preprepared. In the last few entries we went over the background for […]