pptp client
 overview
 license
 getting started
 features
 try it
 download
 links
 documentation 
 index
 debian
 fedora core 1
 fedora core 2
 fedora core 3
 fedora core 4
 fedora core 5
 fedora core 6
 gentoo
 knoppix
 mandrake 9.0
 mandrake 10.0
 mandrake 10.1
 netbsd
 red hat 9
 red hat 8.0
 red hat 7.3
 suse 10.0
 suse 9.2
 suse 9.1
 suse 8.2
 ubuntu
 diagnosis
 support faq
 diagrams
 routing
 security
team
 developers
 cvs
 contact us
 

PPTP Client


Contributing Binaries

If you contribute a binary kernel module RPM to our collection, then we consider you to be a developer, and we'd like you to take the time and effort to satisfy us and our users that your work is legitimate, and doesn't contain any trojans.

Here is how to help us trust you as a developer:

  • maintain a reputation for helping on the mailing list, IRC channel, or by providing kernel module RPMs previously,
  • reliably provide files on your own web site, hosted on a non-free service (e.g. your ISP's web server in your user account),
  • set up GnuPG if you haven't done so, make your key, and enter the global web of trust by meeting someone face to face and exchanging key fingerprints and photographic ID,
  • make voice contact using some traceable means with others in the development team.
Here are our simple requirements:

  • send us the RPM, we'll do the rest when we have time,
Here are our paranoid requirements:

  • place the RPM file on your web site, in a directory that can be listed,
  • use md5sum to generate a checksum, and place that in the same directory as well,
  • if you have a GnuPG key, sign the file and place the signature in the same directory,
  • check the mailing list archives for a contribution by someone else,
  • subscribe and send mail to the mailing list, include
    • the URL of your web site copy of the RPM,
    • the checksum of the file,
    • the URL of the errata or security advisory that told you the new kernel was available,
    • the version of kernelmod you used,
    and if you have a GnuPG key sign the message,
  • work with the release engineer to ensure the installation HOWTO is updated,
  • stay on the mailing list for a few months in case anyone has a problem with what you provided.

An example of a sufficient message:

Subject: kernel-mppe-2.4.20-24.9 contribution

Module: http://nice-guy.example.com/mppe/kernel-mppe-2.4.20-24.9.i686.rpm
Checksum: 8e1230db9284116e2179b40a0c5a0899
Upstream: https://rhn.redhat.com/errata/RHSA-2003-392.html
Kernelmod: 0.7.1

We recommend the paranoid requirements. They protect your reputation and ours, and serve as good training for your contributions to other projects.

Security Issues

If you have found a vulnerability or a trojan, we understand it might not be a good idea to write to the mailing list. Instead, contact the release engineer directly, by e-mail at quozl at laptop dot org.

Our response will be to withdraw the kernel module from download availability, to verify the module contains a trojan, and to contact the contributing developer for an explanation.