© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
bbfa235
(Get the code!)
@peter,
> Making the "valgrind" package a ARMv7 package is good engineering
> because it aligns with the dominant use case. The dominant use case
> nowadays is ARMv7 and above. ARMv7 was released in 2011.
My bad. ARMv7 was release in the 1990s. In 2011 it became the most popular ARM architecture.
> Finally, splitting Valgrind into two packages is good security
> engineering. Valgrind is a Security Testing and Evaluation (ST&E)
> tool. Tools like Valgrind (and others like Asan and UBsan) need to
> be available and properly functioning.
By the way, Debian is not onboard with ideas like this. I wrote to the Debian Security Team several years ago. I suggested they classify programs into two groups: security and non-security. Security programs includes ST&E tools like Valgrind. It also includes other warez, like OpenSSL and Apache.
I also suggested security related programs and applications should be maintained to a higher standard, similar to the way the Space Shuttle has safety critical components (learned after the Challenger and Columbia disasters). For example, a package classified as security critical may take a major bump to ensure the effectiveness program or application.
Nothing was done. Effectively Debian decided to supply deficient software rather than striving for excellence.
You can lead some folks to water, but you can't make them drink.