|
|
|
|
|
|
pptp client |
|
 |
 |
|
 |
 |
 |
documentation |
 |
 |
|
 |
 |
 |
team |
 |
 |
|
 |
 |
 |
 |
| |
PPTP Client
Contributing Binaries
If you contribute a binary kernel module RPM to our collection, then we consider you to be a
developer, and we'd like you to take the time and effort to satisfy us
and our users that your work is legitimate, and doesn't contain any trojans.
Here is how to help us trust you as a developer:
- maintain a reputation for helping on the mailing list, IRC channel, or by providing kernel module
RPMs previously,
- reliably provide files on your own web site, hosted on a non-free
service (e.g. your ISP's web server in your user account),
- set up GnuPG if you haven't done so, make your key, and enter the
global web of trust by meeting someone face to face and exchanging
key fingerprints and photographic ID,
- make voice contact using some traceable means with others in the
development team.
Here are our simple requirements:
- send us the RPM, we'll do the rest when we have time,
Here are our paranoid requirements:
- place the RPM file on your web site, in a directory that can be listed,
- use md5sum to generate a checksum, and place that in the
same directory as well,
- if you have a GnuPG key, sign the file and place the signature in
the same directory,
- check the mailing list archives for a contribution by someone else,
- subscribe and send mail to the mailing list, include
- the URL of your web site copy of the RPM,
- the checksum of the file,
- the URL of the errata or security advisory that told you the new
kernel was available,
- the version of kernelmod you used,
and if you have a GnuPG key sign the message,
- work with the release engineer to ensure the installation HOWTO is updated,
- stay on the mailing list for a few months in case anyone has a
problem with what you provided.
An example of a sufficient message:
Subject: kernel-mppe-2.4.20-24.9 contribution
Module: http://nice-guy.example.com/mppe/kernel-mppe-2.4.20-24.9.i686.rpm
Checksum: 8e1230db9284116e2179b40a0c5a0899
Upstream: https://rhn.redhat.com/errata/RHSA-2003-392.html
Kernelmod: 0.7.1
|
We recommend the paranoid requirements. They protect your reputation
and ours, and serve as good training for your contributions to other
projects.
Security Issues
If you have found a vulnerability or a trojan, we understand it might
not be a good idea to write to the mailing list. Instead, contact the
release engineer directly, by e-mail at quozl at laptop dot
org.
Our response will be to withdraw the kernel module from download
availability, to verify the module contains a trojan, and to contact
the contributing developer for an explanation.
|