[Python-Dev] Python security team (original) (raw)

Jan Mate(jek jmatejek at suse.cz
Tue Sep 30 13:27:33 CEST 2008

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

Guido van Rossum napsal(a):

I think we may have to expand our selection creteria, since the existing approach has led to a small PSRT whose members are all too busy to do the necessary legwork. At the same time we need to remain selective -- I don't think having a crowd of hundreds would be productive, and we need to be sure that every single member can absolutely be trusted to take security seriously.

of course

To answer your question directly, I don't think that just being the Python maintainer for some Linux distribution is enough to qualify -- if our process worked well enough, you'd be getting the patches from us via some downstream-flowing distribution mechanism that reaches only trusted people within each vendor organization. I don't happen to

Thanks for your answer. I guess the process is the real problem then.

know you personally -- but perhaps other current members of the PSRT do and that could be enough to secure an invitation. No, i don't think that i'm known well enough to earn the invitation (yet), this was more of a "so how the hell does it really work" question.

regards, jan matejek -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iEYEARECAAYFAkjiDSUACgkQjBrWA+AvBr+zVwCfRGPsDUjREfUKBk7/9yzxDTRN egUAoLQlQe1qJHU9IkbigpevDme6OqwT =BYl7 -----END PGP SIGNATURE-----

More information about the Python-Dev mailing list