gpg: failed to create temporary file '/var/lib/lurker/.#lk0x5688a100.hantslug.org.uk.12722': Permission denied
gpg: keyblock resource '/var/lib/lurker/pubring.gpg': Permission denied
gpg: Signature made Mon Nov 13 14:52:46 2006 GMT
gpg: using DSA key C0CFC6B3CD4C0D9D
gpg: Can't check signature: No public key
On Mon, Nov 13, 2006 at 02:45:06PM +0000, Jamie Webb wrote:
> > How is multiple teams of developers working to fix problems not more
> > diverse than making it so that only Mozilla corp can do any real
> > development? Come on, this is open source 101 here.
>
> Do you have evidence of this? Has Debian developed and submitted
> security patches to /current/ Firefox and had them rejected?
No. But speaking as a current member of the security team I will
say that we've had a terrible time working with Mozilla.
In contrast to most other "large" projects the Mozilla Foundations
approach to security is:
* Here is a new release. It fixes bugs. Upgrade now.
Identifying a specific patch which fixes a specific security
issue is left as an exercise to the reader. Thankfully we've
had Alexander Sack and some other volunteers do this work for
us - but the Mozilla people haven't been as helpful as they
might.
Steve
--
Debian GNU/Linux System Administration
http://www.debian-administration.org/
