View previous topic :: View next topic |
Should the secret lists be world-readable? |
Yes |
|
66% |
[ 134 ] |
No |
|
33% |
[ 67 ] |
|
Total Votes : 201 |
|
Author |
Message |
nadamsieee Guru
Joined: 30 May 2003 Posts: 340 Location: Atlanta, GA, USA
|
Posted: Thu Jun 26, 2003 10:35 pm Post subject: Should the Gentoo secret lists be world-readable? |
|
|
Concerning the recent Gentoo fork (Zynot), should all of the so-called 'secret lists' be made world-readable yet invite-only for posting? _________________ nadams (at) ieee (dot) org |
|
Back to top |
|
|
nrl Guru
Joined: 27 Mar 2003 Posts: 446 Location: Glasgow, UK
|
Posted: Thu Jun 26, 2003 10:44 pm Post subject: |
|
|
In a sense I fell that it should be world readable but we should consider this:
seemant wrote: |
Just to set the record straight. the -core mailing list is really for developers only and is used for the strictly developer related issues. Things like: package-X releases a new security fix release in x days -- can devs please test this before then. And so on. These issues are kept private because UPSTREAM wishes them to be private. If we go and spill beans that they're not ready to have spilled, who's on the wrong? And is it worth it to do that just so that people the world over feel that -core is not a cabal?
|
Taken from this thread. _________________ "Madness is something rare in individuals - but in groups, parties, peoples, ages it is the rule." -- Nietzsche |
|
Back to top |
|
|
nadamsieee Guru
Joined: 30 May 2003 Posts: 340 Location: Atlanta, GA, USA
|
Posted: Thu Jun 26, 2003 10:53 pm Post subject: |
|
|
Gentoo is full of programmers. Make it an option that time sensitive threads don't go public for 30 days or so. Open-ness is goooooood. _________________ nadams (at) ieee (dot) org |
|
Back to top |
|
|
devkelso n00b
Joined: 29 Apr 2003 Posts: 3
|
Posted: Thu Jun 26, 2003 11:44 pm Post subject: |
|
|
Quote: | Gentoo is full of programmers. Make it an option that time sensitive threads don't go public for 30 days or so. Open-ness is goooooood. |
Good call! |
|
Back to top |
|
|
chrispy Apprentice
Joined: 10 Nov 2002 Posts: 228 Location: Tokyo
|
Posted: Fri Jun 27, 2003 12:14 am Post subject: |
|
|
Openess is good indeed. But what's the point of being able to read messages not really intended to be "meaningful" to gentoo "end-users" ?
Would you like to see 100's of "Package XYZ is pissing me off, I've been working on it for 2 days and I can't see what's wrong" ?
Then, some users will be tempted to try more and more unstable packages, then complaining back to the developpers because it crashed their machine and they lost some data (totally off the top of my head...)
As long as they are "professional" enough to keep transparency in what is going on and what has been done and whatnot, I think they DO need some non-world-readable list were they can chat freely about their dev stuff without other people being able to comment about it in the forums. |
|
Back to top |
|
|
meekrob Tux's lil' helper
Joined: 13 Apr 2002 Posts: 81 Location: Tempe, AZ USA
|
Posted: Fri Jun 27, 2003 12:26 am Post subject: Secrecy in the name of security |
|
|
First of all anyone who is serious about security (or hacking for that matter) subscribes to bugtraq. If there is a vulnerability in package X it will appear in bugtraq long before it is mentioned on the gentoo core list.
The reason core is kept secret is that "UPSTREAM" prefers not to let the Gentoo user community in on the discussion of the distribution on a strategy level. |
|
Back to top |
|
|
Pythonhead Developer
Joined: 16 Dec 2002 Posts: 1801 Location: Redondo Beach, Republic of Calif.
|
Posted: Fri Jun 27, 2003 12:34 am Post subject: |
|
|
I want to see the private list because I may have learned earlier about the snafu that happened this week when D. Robbins screwed up portage when introducing changes with AMD.
A screwup of this magnitude should have at least been posted in the forums. |
|
Back to top |
|
|
panserg Apprentice
Joined: 16 Apr 2003 Posts: 188
|
Posted: Fri Jun 27, 2003 12:46 am Post subject: |
|
|
Gentoo is a new generation of linux distros (thanks to Portage). That's why Gentoo need a new generation of online community support.
It must be more open and at the same time more secure. GEPs is a step in a right direction. But it's not enough - more of democracy requires more fine-grained responsibility and policy control.
P.S. fine-grained... But that's exactly what I like in Portage! |
|
Back to top |
|
|
cdunham Apprentice
Joined: 06 Jun 2003 Posts: 211 Location: Rhode Island
|
Posted: Fri Jun 27, 2003 3:17 am Post subject: |
|
|
Where's the "I don't give a rat's ass" option?
I think we should continue to pressure the devs to move as much as possible to public lists, but if they don't have their own private lists, they will just take stuff to private email, private IRC, etc., anyway. You can't deny them private communication!
So given that, if official private lists make their lives easier, and keep Gentoo moving forward, why not? |
|
Back to top |
|
|
Pythonhead Developer
Joined: 16 Dec 2002 Posts: 1801 Location: Redondo Beach, Republic of Calif.
|
Posted: Fri Jun 27, 2003 3:27 am Post subject: |
|
|
cdunham wrote: | Where's the "I don't give a rat's ass" option? 8)
|
I think the people who didn't vote took that option. Seeing as how 122 people have read the poll and only 19 voted so far... |
|
Back to top |
|
|
idl Retired Dev
Joined: 24 Dec 2002 Posts: 1728 Location: Nottingham, UK
|
Posted: Fri Jun 27, 2003 9:31 am Post subject: |
|
|
The developers realy need some private space. As avenj said, the stuff on -core doesn't concern us, and it may hold sensative security related information. _________________ a.k.a port001
Found a bug? Please report it: Gentoo Bugzilla |
|
Back to top |
|
|
hook Veteran
Joined: 23 Oct 2002 Posts: 1398 Location: Ljubljana, Slovenia
|
Posted: Fri Jun 27, 2003 9:32 am Post subject: |
|
|
too sleepy to read the "reasons why" ...but i'll take a look at it someday soon ...might be worth thinking over ...i love my gentoo, don't get it wrong, but there's always something better and someting worse then what you have :] _________________ tea+free software+law=hook
(deep inside i'm still a tux's little helper) |
|
Back to top |
|
|
amittp Tux's lil' helper
Joined: 02 Jul 2002 Posts: 123 Location: USA
|
Posted: Mon Jun 30, 2003 9:32 pm Post subject: |
|
|
Hmmm thin line,
Point 1:
It very much ok to keep some things away from end-users. End users dont like fake promises. It better to show them when things are ready, atleast for a demo.
Point 2:
The Zynot developer stated that he was in developer list and still was ignored. If this allegation is true, I think atleast developers mailing list should be informed of it. Its very much ok if it doesn't make it to user list.
Well, Gentoo has a tremendous following now. I don't think Daniel Robbins will make wild decisons that will tarnish his image.
Everyone hates to share their pet project. Had I been drobbins, I would be disapponted to have vote for the final decision making. After all he is the one who had the vision to Gentoo.
But has the time come to have round table? Let's say two developers from each category give vote for say, five developers? We shall have a team of 5 Architects. There would be no hidden motives then. And if still they are they will be for good. When 5 Top chiefs think that secret is must, then let it be. It must be for good. But when it points to just one person and that to the leader, there is huge ruckus.
To survive any huge project, a trust, integrity and mutual understanding at top level is must, The same things reflect down the development tree.
I wish to see thing like that happening sooner.
With this, I wish Gentoo Team all the best. May wise thought be with you.
Boy, do I sound bad! But I really pray for that. _________________ Believe in yourself |
|
Back to top |
|
|
cdunham Apprentice
Joined: 06 Jun 2003 Posts: 211 Location: Rhode Island
|
Posted: Mon Jun 30, 2003 9:59 pm Post subject: |
|
|
Dennis:
I told you. We're an anarcho-syndicalist commune. We take it in turns to act as a sort of executive officer for the week, but all the decisions of that officer have to be ratified at a special bi-weekly meeting by a simple majority in the case of purely internal affairs, but by a two-thirds majority in the case of more major--
Arthur:
Be quiet! I order you to be quiet!
Woman:
Order, eh? Who does he think he is? Heh.
Arthur:
I am your king!
Woman:
Well, I didn't vote for you. _________________ This post more meaningful in a scalar context. |
|
Back to top |
|
|
ebrostig Bodhisattva
Joined: 20 Jul 2002 Posts: 3152 Location: Orlando, Fl
|
Posted: Mon Jun 30, 2003 10:01 pm Post subject: |
|
|
I feel this has turned into "I wanna see that list, I wanna be 1337 and be on the -core list!"
Whereas the right answer is that none of our regular users has any use for that list, nor do they have any need to read it. If that is made public, then it's easy to create another non-public list.
Please people, be a bit realistic. Realize that the developers have a need to discuss issues between them that the regular user has no need to see or know about, nor is it in the regular users interest to know what they discuss. If you feel otherwise give me a solid reason, the ones I have seen so far fall into the category that I listed initially.
I personally couldn't care less what they talk about on that list, nor have I any interest to be on the list.
Erik _________________ 'Yes, Firefox is indeed greater than women. Can women block pops up for you? No. Can Firefox show you naked women? Yes.' |
|
Back to top |
|
|
scott_ell Tux's lil' helper
Joined: 12 Nov 2002 Posts: 83 Location: Tallahassee, Florida, USA
|
Posted: Mon Jun 30, 2003 10:02 pm Post subject: |
|
|
port001 wrote: | The developers realy need some private space. As avenj said, the stuff on -core doesn't concern us, and it may hold sensative security related information. |
Screw that. If I wanted to run an OS that kept the core details private, I'd run Windows. I really don't see the need to for private space, and, if there is information that doesn't concern me, I'd like to be the judge of that, not Daniel R., Bill Gates, or anybody else. |
|
Back to top |
|
|
ebrostig Bodhisattva
Joined: 20 Jul 2002 Posts: 3152 Location: Orlando, Fl
|
Posted: Mon Jun 30, 2003 10:31 pm Post subject: |
|
|
scott_ell wrote: | port001 wrote: | The developers realy need some private space. As avenj said, the stuff on -core doesn't concern us, and it may hold sensative security related information. |
Screw that. If I wanted to run an OS that kept the core details private, I'd run Windows. I really don't see the need to for private space, and, if there is information that doesn't concern me, I'd like to be the judge of that, not Daniel R., Bill Gates, or anybody else. |
Nope, that is an elitist attitude that I would rather not see.
You have no background to rate what is necessary for you to see or not, nor is it in gentoo's best interest.
Give me one single reason why you need to see the core list, just one!
Erik _________________ 'Yes, Firefox is indeed greater than women. Can women block pops up for you? No. Can Firefox show you naked women? Yes.' |
|
Back to top |
|
|
nerdbert l33t
Joined: 09 Feb 2003 Posts: 981 Location: Berlin
|
Posted: Mon Jun 30, 2003 11:38 pm Post subject: |
|
|
I don't like the idea of making dev discussions public. I think this would result in thousands of threads here with a topic like this: Have you read what developer X just proposed? It would be really hard to keep up to all of this.
I don't think immature ideas should be discussed in public before the real people in charge have found some consent.
[edit] this is one of the rare occasions on which I totally agree with ebrostig - it just doesn't make sense to publicise ideas before they've somehow gained critical mass inside of the core team. |
|
Back to top |
|
|
efalcao n00b
Joined: 06 Apr 2003 Posts: 5 Location: Irvine CA
|
Posted: Mon Jun 30, 2003 11:45 pm Post subject: |
|
|
I think that supporters of a private list have the wrong idea. Here are some points:
1: (In response to ebrostig) Just because gentoo users at large may not care what is going on in the list doesn't justify it's being private. It should be public and let the users decide whether or not they car to read it.
2: (In response to port001) Being secretive regarding security is always bad. Security is guaranteed by public knowledge. This is why Microsoft is so bad at it.
3: (A personal point) If developers really need private space, they should communicate via 1 on 1 email, not via a list that is supported by gentoo user's donations. Gentoo users donate for an open cause and desire open communication.
ebrostig does have a point that if the list is open the developers will move their secret communication to another medium. The overall issue that needs to be addressed is why does there need to be secret communication. The response of "it's secret because it is of no concern to users" is completely wrong because just the fact that it is secret concerns me. Let the users decide what concerns them |
|
Back to top |
|
|
scott_ell Tux's lil' helper
Joined: 12 Nov 2002 Posts: 83 Location: Tallahassee, Florida, USA
|
Posted: Tue Jul 01, 2003 12:02 am Post subject: |
|
|
ebrostig wrote: | Nope, that is an elitist attitude that I would rather not see.
You have no background to rate what is necessary for you to see or not, nor is it in gentoo's best interest.
|
From what position of authority or knowledge could you ever make an assessment of my background? You don't know me or my capabilities. I'm sorry but if you are going to attribute an "elitist attitude" to someone please at least finish that same post before behaving in that manner yourself.
As for what is "necessary for [me] to see or not" I'd prefer to be the judge of that. Considering this is "Open Source", written by many different people, over many different years (i.e. not just Gentoo Developers), I would say it is precisely in "gentoo's best interest" for me (and everyone else) to know exactly what is going on.
ebrostig wrote: | Give me one single reason why you need to see the core list, just one! |
I'll give you a reason: because it exists. Because Gentoo is an Open Source OS and, for me, the important part about OSS is the 'Open' part. A lot of people are working very hard in this community and feel as if they have a stake in it. I believe no one here as the right to tell me (or anyone else) what I can see and cannot see.
If I am wrong about Gentoo, and the things I have mentioned are not important to Gentoo, the my apologies, I will go somewhere else. |
|
Back to top |
|
|
nerdbert l33t
Joined: 09 Feb 2003 Posts: 981 Location: Berlin
|
Posted: Tue Jul 01, 2003 12:16 am Post subject: |
|
|
efalcao wrote: |
ebrostig does have a point that if the list is open the developers will move their secret communication to another medium. |
do you really think this won't happen whenever this list is being made public? In order to get some structure into a system some things have to be discussed in a small circle fist - I just don't see the benefits which a public list might bring to gentoo. |
|
Back to top |
|
|
cdunham Apprentice
Joined: 06 Jun 2003 Posts: 211 Location: Rhode Island
|
Posted: Tue Jul 01, 2003 12:20 am Post subject: |
|
|
You know, a process that is not completely open is not necessarily closed, either.
I don't see it as a "right" to see what is going on, without any cost. What I do see, however, that if there is a justifiable need, or a desire accompanied by some payment (time, energy, yes, perhaps even money), that openness should be easy to come by.
Like a lip on the edge of the road, or a slight barrier keeping stray cars off the sidewalk. Just enough to keep things sane, but not so insurmountable as to close people off.
So, if you REALLY want to get access to the core lists, as someone else said, make a committment and become a developer. If you can't code, then write documentation, be an evangalist, or join a herd as a tester.
That is the opportunity you have because this is a free and open process.
But being free and open does not mean anarchy and chaos. Even the most free society doesn't let you wander into surgical suites or give out the politicians' home numbers. But if you really need to, or give enough to society, perhaps.... _________________ This post more meaningful in a scalar context. |
|
Back to top |
|
|
nerdbert l33t
Joined: 09 Feb 2003 Posts: 981 Location: Berlin
|
Posted: Tue Jul 01, 2003 12:40 am Post subject: |
|
|
cdunham wrote: | be an evangalist, or join a herd as a tester.
That is the opportunity you have because this is a free and open process.
|
tell me of any gent who isn't an evangelist |
|
Back to top |
|
|
scott_ell Tux's lil' helper
Joined: 12 Nov 2002 Posts: 83 Location: Tallahassee, Florida, USA
|
Posted: Tue Jul 01, 2003 1:13 am Post subject: |
|
|
cdunham wrote: | But being free and open does not mean anarchy and chaos. Even the most free society doesn't let you wander into surgical suites or give out the politicians' home numbers. But if you really need to, or give enough to society, perhaps.... |
Interesting point. But to use your metaphor, I'm not trying to operate on the patient, All I want is to know what the surgeons are doing to me when I'm asleep. Are they drunk? Did they leave surgical tools in my body while I slept? That is the kind of openness I am talking about. Gentoo is not an issue of national security. There is no need to keep the community out of the loop.
What I want is just what this poll is asking: "Should the Gentoo secret lists be world-readable?" Readable, that's all. |
|
Back to top |
|
|
BradB Apprentice
Joined: 18 Jun 2002 Posts: 190 Location: Christchurch NZ
|
Posted: Tue Jul 01, 2003 1:28 am Post subject: |
|
|
Can anyone give examples of other OSS projects that have closed (non-world readable) mailing lists?
If there are other projects that have justifiable reasons, then Gentoo might do as well.
The community that has sprung up around Gentoo is awesome, the best Linux related community I have had the pleasure of being part of, but this whole "secret cabel" thing frustrates me. It has made me realise that the gentoo devs aren't really a part of the forum community, very rarely do I ever see the red "dev" next to a name posting. The whole management structure needs to be brought out into the open - and it is good to see that it may be happening. It would also be nice to see more devs posting around here (surely they must read the forums to see what good ideas people come up with?)
Personally - I think there should be no secret lists, if it is truely open, then it doesn't matter who sees it.
Brad _________________ Microsoft - bringing the pain right into your home since 1982 |
|
Back to top |
|
|
|