Hacker News

In theory, yes. In practice I'm very skeptical that maintainers can correctly backport patches without having a solid understanding of the source code. And I'm skeptical that maintainers can have a solid understanding of the source code without reading a substantial portion of it, and I know they haven't got the time to do that.



I’m sure what you’re saying happens. There are thousands of packages with maintainers of varying skill.

That said, the track record speaks for itself. I can only remember one time a maintainer introduced a vuln in Debian. The system works, even though you’ll find cracks if you look.



