From: Jonathan Day <jd9812_at_my-deja.com>
Date: Wed, 22 Aug 2001 05:33:26 -0700

('binary' encoding is not supported, stored as-is)
Hi,

I hope you've not taken over the -whole- of Sourceforge. That could be most awkward for the 10,000 or so other projects hosted there. :)

Seriously, I thought someone had -already- mirrored SELinux over on Sourceforge. Not that it really does any good, as 99.999% of the development work, at this point, is being done behind the scenes, anyway.

IMHO, there's a right time for everything, and right now, that seems to be to examine the new infrastructure that's going to be used. Will it mean that the next version of SELinux will be more restricted? More flexible? How secure is the infrastructure itself? The new version of SELinux will be using external code - has it been audited? What else can it do?

Until the SELinux group is cleared to release the new code, mirroring the old stuff may be more harmful than good. For a start, it might give the impression that it -is- the new code, which would NOT be good.

Also, if there are multiple mirrors (especially multiple mirrors on Sourceforge), consolidation and/or arrangement might be a good idea. If the mirrors are all manual, for example, how is anybody to know, at any given time, what mirrors hold what versions of what? Perhaps you might want to look into a "meta-mirror", which allows people to see this information.

Just some thoughts

---

--== Sent via Deja.com ==--

http://www.deja.com/

--

You have received this message because you are subscribed to the selinux list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Wed 22 Aug 2001 - 08:51:24 EDT