Dear release team, Thank you for making a decision on the direction for bug #449497 in foo2zjs [1]. I believe that this is a reasonable choice for now due to the impending release. However, I would really like to see an honest and consructive conversation on the issue. I believe that there are some major security and functionality problems with fetching scripts, and there should be clear direction from the members of the debian project on the matter. I would like to be able to completely trust main, so it is my hope that developers would do everything in their power to keep main as clean and safe as possible. I am just a user, so I feel powerless to do anything, and my experience dealing with this issue through the foo2zjs maintainers was not exactly constructive [2],[3],[4] (primarily because of over-reactiveness and hyper sensitivity on their part and perhaps a lack of appreciation for debian's bug command and control authority [5] on my part -- and of course some good old misunderstanding and misinterpretation). Where do I go from here to make sure the issue gets the appropriate level of thought and consideration that it deserves (after lenny gets released of course)?
Best wishes, Michael Gilbert [1] http://lists.debian.org/debian-release/2008/11/msg00106.html [2] http://bugs.debian.org/449497 [3] http://bugs.debian.org/503813 [4] http://bugs.debian.org/503814 [5] http://lists.debian.org/debian-ctte/2008/10/msg00006.html P.S. Please CC me on any responses since I am not subscribed to these lists. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
