Proposal: Optional libsafe add-on?

[John Pybus]

seth vidal wrote:
>>>
>>>Modifying the world as an 'option' for legacy updates seems like a bad
>>>idea, a confusing idea for users, and generally a waste of time. If I've
>>>got older machines I want them to be left alone and just have security
>>>patches applied. I don't want to be putting brand new things on there.
>>>
>>>-sv
>>>
>>
>>This is why I suggested putting it on the webpage with lots of 
>>documentation and manual installation only.  The documentation would to 
>>people NOT to use it unless they really know what they are doing and 
>>willing to monitor their server for a while.
>>
> 
> 
> Why waste all the time building the packages and writing up the
> documentation?
> 
> People should be working on new things for FC2 and not screwing around
> with old distributions.

Hmm, I feel moved to stick my oar in here:

1) People will work on what they're motivated to, regardless of how this
fits redhat's, the Fedora Project's, or anyone else's, plans and aims,
and whether this is the best overall use of resources or not.

2) There are still plenty of rh7.x/rh8 installations in the wild.  It
does the reputation of the RH/FC line (and linux as a whole) no good if
these are rooted.  The legacy project, and its aim of providing security
updates to the original packages, only exists to support people in
keeping their systems safe.  By mitigating the consequences of many
possible vulnerabilities, this package, potentially, contributes more to
keeping legacy installations secure than a whole bunch of updated rpms.
  So, is it surprising that those responsible for legacy systems, who
use and contribute to fedora-legacy, also care about other protective
measures such as this?

3) Personally, I think this is great idea, and that Warren's proposal
for a well described manual installation is spot on.

Yours,

John