[Distutils] a plea for backward-compatibility / smooth transitions
Noah Kantrowitz
noah at coderanger.net
Tue Jul 30 08:24:27 CEST 2013
On Jul 29, 2013, at 11:19 PM, Antoine Pitrou <solipsis at pitrou.net> wrote:
> Noah Kantrowitz <noah <at> coderanger.net> writes:
>>> The whole python.org infrastructure is built on an OS kernel written by
> someone
>>> who thinks security issues are normal bugs. AFAIK there is no plan to
> switch to
>>> OpenBSD.
>>
>> This is news to me, we specifically run Ubuntu LTS because Canonical's
> security response team has a proven
>> track record of handling issues. If you mean that Linus doesn't handle
> security issues well, then it is
>> fortunate indeed that we don't actually use his software.
>
> Did you already forget what the discussion is about?
> Security/bugfix Ubuntu LTS updates don't break compatibility for the sake of
> hardening
> things, which is the whole point.
Again, speaking as the guy that has to clean up the mess when they do break compat, I promise you they do. Same deal, they only break compat when keeping compat would present a threat to users, which is quite often the case with security bugs. They are fortunately a bit further ahead of us on the long tail of finding problems, so this is far less frequent than it was in years past. We will get there too, but like I said, status quo is not a defense here, just strap in and hang on.
--Noah
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 235 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20130729/97e681bd/attachment.pgp>
More information about the Distutils-SIG
mailing list