On Tue, 10 Nov 2020 at 14:48, Brad Rogers <b...@fineby.me.uk> wrote: > Impossible to achieve. There's simply far too much that can go wrong to > cover every single (corner) case there may be.
Is there anything to learn from this experience that can help us in future? Controls are never perfect, and there's always a cost-benefit to be done on them. No sense spending an extra 5 hours in work to prevent a problem that occasionally causes 5 minutes in inconvenience, for example. But, again, this isn't that situation. I have an unbootable system which could stay that way for days. But we don't have to give up because we cannot prevent every corner case. Making sure that all the KF libraries are at the same version doesn't seem like a corner case to me, especially after upstream said that you cannot mix and match versions. > It also ignores the ingenuity of idiots and their ability to foul things > up. True. Controls only work when people follow them. That means they generally fail against deliberate attempts to defeat them. When that happens, you throw your hands up and say that the system is too broken to fix. But I don't think that applies here. I understand that there are some very smart and generally honest people who get the GPG keys to the Debian repos.
