Drawing lessons from fatal SELinux bug #1054350

Sérgio Basto sergio at serjux.com
Fri Jan 24 04:49:36 UTC 2014


On Qui, 2014-01-23 at 20:20 -0800, Adam Williamson wrote: 
> On Fri, 2014-01-24 at 04:18 +0000, Sérgio Basto wrote:
> 
> > > * The Update Policies must be repealed. This regression has shown us
> > > that 
> > > not only they totally failed at preventing it, but they are actively 
> > > contributing to exposing MORE users to broken updates by delaying
> > > regression 
> > > fixes. (This kind of regression fixes needs to go out DIRECTLY to
> > > stable!)
> > 
> > Also agree, this critical packages should go directly to stable and or
> > we should be able to revoke it.
> 
> TBH this has always been the one of Kevin's Big Book Of Update Policy
> Complaints I find the most baffling. If we know you managed to screw up
> your update once, why exactly would we just trust you to get it right
> the *second* time without any testing?

yeah , so revoke an update could be a better idea.   
-- 
Sérgio M. B.



More information about the devel mailing list