On Mon, Jun 8, 2015, at 18:31, Xin Li wrote: > > On 06/08/15 14:37, Robert Simmons wrote: > > I'm sure that the reason these questions have not been answered is > > simply because they may have gotten lost in the volume of traffic > > on freebsd-ports. In the following thread, there are a number of > > folks with enough passion to volunteer time to help with the Ports > > Secteam, but we're having difficulty getting a few basic questions > > answered. > > https://lists.freebsd.org/pipermail/freebsd-ports/2015-May/099268.html > > > > Here are the basic questions: > > > > Who are the members of the Ports Secteam? > > Current members include the current security officers (who act as a > fallback when needed and a contact for liaison for sensitive and > embargoed information) and: > > Eitan Adler (eadler@); > Jason Helfman (jgh@); > Martin Wilke (miwi@); > Eygene Ryabinkin (rea@); > Sofian Brabez (sbz@); > Simon L. B. Nielsen (simon@, clusteradm@ liaison); > Steve Wills (swills@); > Wesley Shields (wxs@); > Ryan Steinmetz (zi@); > > > How does one join the Ports Secteam? > > Per previous discussion with portmgr@, members are volunteers selected > by the Security Officer from active ports committers who have made > commits in the ports tree in the last 90 days. >
miwi stepped down 7 months ago. His name on this list is a huge red flag that there is a lack of care and feeding for this team. As long as my script isn't broken, here are the number of commits from March 1st through June 1st by each committer in that list: eadler: 6 jgh: 49 miwi: 0 rea: 5 sbz: 2 simon: 0 swills: 117 wxs: 1 zi: 64 There's an obvious lack of activity in that list and I would expect participation in ports-secteam duties to be closely monitored and have members rotated out if they take time away. My participation in the ports tree has been rather sporadic lately, but the script I used indicates I've 85 commits in that time period. However, I'm not sure "number of commits" is necessarily a valuable metric when considering candidates... How do we make the ports-secteam effective again? Team members? Infrastructure? New documentation and procedures? _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
