[sr-dev] module FAQ, private contact replacement

Daniel-Constantin Mierla miconda at gmail.com
Tue Apr 3 22:59:42 CEST 2018


Hello,


On 03.04.18 21:54, Henning Westerholt wrote:
> Am Montag, 2. April 2018, 09:08:04 CEST schrieb Daniel-Constantin Mierla:
>> I would not involve management address in the readme of the modules, a
>> lot of people consider their use of kamailio private and will "abuse" it
>> for support.
>>
>> Using sr-users there was a temporary hack when forking from ser and not
>> having seradmin anymore, which, obviously, got forgotten. But the age of
>> this (likely more than 10 years) shows it is not necessary at all, so my
>> suggestion is to remove it all together.
>>
>> People have figured out what to do when needing to send something more
>> sensitive, there is a contact page on webite. Anyhow, based on your
>> commit on this matter, there are rather few modules with this remark
>> comparing with over all number of module.
> Hi Daniel,
>
> ok - I commited it already, as you saw. 
>
> I will change it to involve only security bugs, this way we could easily 
> change it when we have a dedicated security contact address. If we get to much 
> spam, I will remove it completely. 
I still think this is not the right way to do it, but remove it
completely. It is not across all modules, only couple of them.

And again, so far nobody actually used it. When having to report
something more sensitive, people found the way to do it.

Management doesn't have to do anything with those modules and should not
get involved in their readme. There is a contact page with more details
on project's website.

Cheers,
Daniel

-- 
Daniel-Constantin Mierla
www.twitter.com/miconda -- www.linkedin.com/in/miconda
Kamailio Advanced Training - April 16-18, 2018, Berlin - www.asipto.com
Kamailio World Conference - May 14-16, 2018 - www.kamailioworld.com




More information about the sr-dev mailing list