On Tue, 10 Jun 2008 15:36:58 +0100
Robert Bridge <robert@...> wrote:
> So relying on the file extension seems to be a recipe for
> misunderstanding. Why limit the functionality of the package manager
> to rely on the file names? How do you protect the package manager
> from a malicious ebuild masquerading under the wrong EAPI? Relying on
> the file name for information is the kind of design decision we laugh
> at in Windows, so why adopt it here?

There is no protection against malicious ebuilds. Malicious ebuilds
already run code as root when you install them. Being able to get an
ebuild run with the wrong EAPI is utterly irrelevant.

-- 
Ciaran McCreesh