Re: Some ostree observations

From: Colin Walters <walters verbum org>
To: Florian Weimer <fweimer redhat com>
Cc: ostree-list gnome org
Subject: Re: Some ostree observations
Date: Thu, 20 Feb 2014 18:50:59 +0000

Hi Florian,

This is exactly the kind of thorough and uncompromising review that I knew you'd give, and why I asked you specifically =) It's the kind of review I need to show OSTree can stand up to.

I'm going to split this into 3 sections:

- Security and reliabilty aspects of the core OSTree model, such as the fact of the refs not being under the GPG signature

I'll make sure all of these have bugs.

- Non-security bugs of OSTree, such as the switch command semantics

Will address these after the first.

- Bugs specifically with the content of rpm-ostree, such as ssh key generation coming before random initialization ( This one almost certainly is a generic Fedora bug, not something related to OSTree itself )

I'll gather these somewhere...probably the rpm-ostree TODO.

Will reply to this mail again in more detail in a bit. I just wanted to let you know that this review is very much appreciated and I will take action as fast as I can to fix things!

References:
- Some ostree observations
  - From: Florian Weimer

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]