Craig White wrote: > On Mon, 2008-08-25 at 12:30 +0930, Tim wrote: >> >> If it turned out that *because* of a lack of good warning, when a good >> warning could have been given out, that boxes got compromised all over >> the planet, you'd find users really pissed off and leaving in droves, >> and Red Hat and Fedora with a shattered reputation. > ---- > I fully expect that the reason that they took the system off-line 10 > days ago was a clear indication of their doubt of the sanctity of the > packages and they didn't put it back online until they felt that they > felt that they knew the extent of the compromise. > > Let's be real here...there have been instances when viruses and other > compromised code has been distributed, even in shrink wrapped > proprietary software and we all have expectations of best efforts and if > someone feels that best efforts aren't being given, then they should > find another Linux distribution. > > Craig > Another thing to consider - by taking the systems offline, they prevented any of the mirrors from grabbing any possible corrupted packages. This gives them a chance to determine if there were any packages built and what mirrors would have them. It would be interesting to see if any mirrors were contacted to remove packages... Mikkel -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup!
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
