incubator-ooo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Weir <>
Subject Re: Population of ooo-security
Date Thu, 28 Jul 2011 22:17:14 GMT
On Thu, Jul 28, 2011 at 5:41 PM, Florian Effenberger
<> wrote:
> Hello,
> Dennis E. Hamilton wrote on 2011-07-28 22:04:
>> I support Malte's recommendation to add two individuals that are currently
>> in-common with respect to (traditional) and LibreOffice.
> I must confess I find it really strange that policies seem to be changed
> here.

And I'm sure there would be people at Apache that would think it
strange if we started doing things differently than every other Apache
project does it.

> We had a good team at working on various security aspects
> (reporting, fixing, communicating), and when LibreOffice started, we
> unbureaucratically continued to work with the same set of people that has
> been proven trustworthy already. Everyone agreed that security is one of the
> areas where cooperation is possible without any politics involved.

We shouldn't confuse lack of process for lack of politics, or presence
of process for presence of politics.  Apache has more process here
because it has, through experience and pain (somewhat the same thing),
and by managing many open source projects over many years, evolved a
set of procedures for how security is handled.  As one of the leading
open source foundation it is important that we have a unified way of
handling these things.  Equating process with bureaucracy is a naive
view.  Organizations that are serious about security, whether open
source or commercial, have defined procedures for handling security
incidents.  Users expect no less.

> I don't know the exact recipient list of the current OOo security list, but
> my proposal would simply have been to continue working with those people. I
> simply see no reason for changing that (and the notion of "We do things
> different here" is no valid argument at all to me).
> But maybe that's just my idea. Well, anyways, back to important stuff.
> Florian
> --
> Florian Effenberger <>
> Steering Committee and Founding Member of The Document Foundation
> Tel: +49 8341 99660880 | Mobile: +49 151 14424108
> Skype: floeff | Twitter/ @floeff

View raw message