-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 06/08/15 14:37, Robert Simmons wrote:> I'm sure that the reason these questions have not been answered is > simply because they may have gotten lost in the volume of traffic > on freebsd-ports. In the following thread, there are a number of > folks with enough passion to volunteer time to help with the Ports > Secteam, but we're having difficulty getting a few basic questions > answered. > https://lists.freebsd.org/pipermail/freebsd-ports/2015-May/099268.html > > Here are the basic questions: > > Who are the members of the Ports Secteam?Current members include the current security officers (who act as a fallback when needed and a contact for liaison for sensitive and embargoed information) and: Eitan Adler (eadler@); Jason Helfman (jgh@); Martin Wilke (miwi@); Eygene Ryabinkin (rea@); Sofian Brabez (sbz@); Simon L. B. Nielsen (simon@, clusteradm@ liaison); Steve Wills (swills@); Wesley Shields (wxs@); Ryan Steinmetz (zi@);> How does one join the Ports Secteam?Per previous discussion with portmgr@, members are volunteers selected by the Security Officer from active ports committers who have made commits in the ports tree in the last 90 days. Cheers, - -- Xin LI <delphij at delphij.net> https://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.1.4 (FreeBSD) iQIcBAEBCgAGBQJVdiXKAAoJEJW2GBstM+ns+rUP/iZoF77HjxrJTYabcPrgduDs ijWGw6NyvYR47r26jzss3HNdZ4qw9gPxtn3CroCBxQdOIUXaFbkYw3RAFhXvCIMV jBQRFkZmzupC/w9viorT1UEqiFCUa6Bd3qyE5kXRgM18EpXz3xWe3+bQW8OMvJ3h gaoXnbp5beZfxojGj5Ig4lJebBDsu9HB+cekoHECmdmdB11MsC/aGsQmbey95Kg3 Y7ERHENz1f/ZFbJaCurBCVVeB+07Nu/qNMFX6SqCHV177DvuzFM2oBaO1d552y8m /LldCGTC9TCUsloMZifncSgIs8DB6Aq9eDcDyT5mOUGqVkfJb0Y22F9RGG6dQcEY TEHRvHk7L+Huxsvq7YQK3kIC4ywDv/wpBIDsSK8devHXKWCxif+io+aYERad1cY1 LCFwWZGJ4ooxpZyV1GPKh+pX8YGFfMksFxeghUhJcFVdApX4PZRQGjeLOj8CYY8H 8un1qdFPStJz/zbTnF2JPsXi1x3/eeJLAdRtW4j3w2Hz9XwOTDcxpUZpwyO2bDZN Bl89+ee2OtjDCLG7y9Jgz7PZQG37sZMshV8dJqL/o2uILVwcB02rM4jme/e3Pg7B AeRZ4OqPZZoZhKS8y1AOGBSBmm6trLJzSKKvy+eboLVU8oIaozBEawqwZqeuXM2C iln7HRIgZ4/woDAjg4Tc =1ULw -----END PGP SIGNATURE-----
On Mon, Jun 8, 2015 at 7:31 PM, Xin Li <delphij at delphij.net> wrote:> On 06/08/15 14:37, Robert Simmons wrote: >> I'm sure that the reason these questions have not been answered is >> simply because they may have gotten lost in the volume of traffic >> on freebsd-ports. In the following thread, there are a number of >> folks with enough passion to volunteer time to help with the Ports >> Secteam, but we're having difficulty getting a few basic questions >> answered. >> https://lists.freebsd.org/pipermail/freebsd-ports/2015-May/099268.html >> >> Here are the basic questions: >> >> Who are the members of the Ports Secteam? > > Current members include the current security officers (who act as a > fallback when needed and a contact for liaison for sensitive and > embargoed information) and: > > Eitan Adler (eadler@); > Jason Helfman (jgh@); > Martin Wilke (miwi@); > Eygene Ryabinkin (rea@); > Sofian Brabez (sbz@); > Simon L. B. Nielsen (simon@, clusteradm@ liaison); > Steve Wills (swills@); > Wesley Shields (wxs@); > Ryan Steinmetz (zi@); > >> How does one join the Ports Secteam? > > Per previous discussion with portmgr@, members are volunteers selected > by the Security Officer from active ports committers who have made > commits in the ports tree in the last 90 days.Excellent. Thanks for the quick reply! So, if membership requires committership, what is the next best way to help the team?
On Mon, Jun 8, 2015, at 18:31, Xin Li wrote:> > On 06/08/15 14:37, Robert Simmons wrote: > > I'm sure that the reason these questions have not been answered is > > simply because they may have gotten lost in the volume of traffic > > on freebsd-ports. In the following thread, there are a number of > > folks with enough passion to volunteer time to help with the Ports > > Secteam, but we're having difficulty getting a few basic questions > > answered. > > https://lists.freebsd.org/pipermail/freebsd-ports/2015-May/099268.html > > > > Here are the basic questions: > > > > Who are the members of the Ports Secteam? > > Current members include the current security officers (who act as a > fallback when needed and a contact for liaison for sensitive and > embargoed information) and: > > Eitan Adler (eadler@); > Jason Helfman (jgh@); > Martin Wilke (miwi@); > Eygene Ryabinkin (rea@); > Sofian Brabez (sbz@); > Simon L. B. Nielsen (simon@, clusteradm@ liaison); > Steve Wills (swills@); > Wesley Shields (wxs@); > Ryan Steinmetz (zi@); > > > How does one join the Ports Secteam? > > Per previous discussion with portmgr@, members are volunteers selected > by the Security Officer from active ports committers who have made > commits in the ports tree in the last 90 days. >miwi stepped down 7 months ago. His name on this list is a huge red flag that there is a lack of care and feeding for this team. As long as my script isn't broken, here are the number of commits from March 1st through June 1st by each committer in that list: eadler: 6 jgh: 49 miwi: 0 rea: 5 sbz: 2 simon: 0 swills: 117 wxs: 1 zi: 64 There's an obvious lack of activity in that list and I would expect participation in ports-secteam duties to be closely monitored and have members rotated out if they take time away. My participation in the ports tree has been rather sporadic lately, but the script I used indicates I've 85 commits in that time period. However, I'm not sure "number of commits" is necessarily a valuable metric when considering candidates... How do we make the ports-secteam effective again? Team members? Infrastructure? New documentation and procedures?
As I've been unable to contribute to this team or to ports much lately I hereby request that I be removed from this team. I'd rather someone else who is more actively engaged take my spot. -- WXS> On Jun 8, 2015, at 7:31 PM, Xin Li <delphij at delphij.net> wrote: > > Signed PGP part > On 06/08/15 14:37, Robert Simmons wrote: > > I'm sure that the reason these questions have not been answered is > > simply because they may have gotten lost in the volume of traffic > > on freebsd-ports. In the following thread, there are a number of > > folks with enough passion to volunteer time to help with the Ports > > Secteam, but we're having difficulty getting a few basic questions > > answered. > > https://lists.freebsd.org/pipermail/freebsd-ports/2015-May/099268.html > > > > Here are the basic questions: > > > > Who are the members of the Ports Secteam? > > Current members include the current security officers (who act as a > fallback when needed and a contact for liaison for sensitive and > embargoed information) and: > > Eitan Adler (eadler@); > Jason Helfman (jgh@); > Martin Wilke (miwi@); > Eygene Ryabinkin (rea@); > Sofian Brabez (sbz@); > Simon L. B. Nielsen (simon@, clusteradm@ liaison); > Steve Wills (swills@); > Wesley Shields (wxs@); > Ryan Steinmetz (zi@); > > > How does one join the Ports Secteam? > > Per previous discussion with portmgr@, members are volunteers selected > by the Security Officer from active ports committers who have made > commits in the ports tree in the last 90 days. > > Cheers, > -- > Xin LI <delphij at delphij.net> https://www.delphij.net/ > FreeBSD - The Power to Serve! Live free or die > > _______________________________________________ > freebsd-security at freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"-------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 163 bytes Desc: Message signed with OpenPGP using GPGMail URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20150610/c0008ce6/attachment.sig>