Audit?

Martin Pitt mpitt at debian.org
Mon Aug 3 05:26:10 BST 2015


Hello,

noisyb at pwnoogle.com [2015-08-02  4:26 +0200]:
> How is the audit process for systemd? Do you guys audit its code completely
> before every package update?

I loosely follow the upstream changes (github PRs), but no, we don't
audit the complete code. We don't currently even have enough manpower
to keep up with bug reports.

We do have a number of automated tests upstream and downstream that
ensure that commits that land upstream and new package uploads in
Debian don't introduce really bad regressions.

Martin

P.S. Please fix your MTA, I got some 5 copies of this.

Martin
-- 
Martin Pitt                        | http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)




More information about the Pkg-systemd-maintainers mailing list