[Secure-testing-team] For discussion: security support strategy for the wheezy kernel

[Michael Gilbert]

On Mon, Feb 7, 2011 at 5:09 PM, Julien Cristau wrote:
> What does that buy us?  It means instead of dealing with bugs on an
> ongoing basis, you get them all at the same time and get to bisect along
> many kernel versions at once instead of just one.  It means problems
> don't get reported (and fixed) upstream until it's too late.  It means
> any package that could use a newer kernel interface doesn't get any
> testing.  I'm sure there's plenty of others.

Bugs can be submitted and dealt with in experimental just as well as
in unstable.

>> > Whatever the technical solution to testing-security kernel might be,
>> > it needs to be based on following the upstream kernel development.
>>
>> 2.6.32.x is in fact an upstream kernel currently being developed ;)
>>
> No it's not.  Go read the definition of development.
>
> I'm sorry, but your proposal is insane.

Is this kind of negativity really necessary?  I'm trying to guide a
discussion on a real problem, and I'm an engineer, so I never present
problems without at least an idea about a solution.  It may not be the
best, but you start at something and work toward bettering it until
you have something good.

Best wishes,
Mike