| 1 |
Seemant Kulleen wrote: |
| 2 |
> The effects are far reaching and shared by everyone. If an official |
| 3 |
> package manager is outside of Gentoo's control, and the maintainer(s) of |
| 4 |
> that piece of software decide to do anything malicious (examples: inject |
| 5 |
> some dodgy code, remove documentation, take out access to the |
| 6 |
> repository, etc) for whatever reason (say, they get pissed off at a few |
| 7 |
> Gentoo people and decide that the entire Gentoo community can be painted |
| 8 |
> that way), then Gentoo has now become a slave to those people. That, |
| 9 |
> I'm sure you'll agree, is unacceptable. |
| 10 |
|
| 11 |
(ignoring [possible securty issues as per spanky's mail) |
| 12 |
|
| 13 |
Wouldn't that be solved if $other-package-manager folks provide full |
| 14 |
dumps of the SCM system they use? |
| 15 |
|
| 16 |
Cheers, |
| 17 |
-jkt |
| 18 |
|
| 19 |
-- |
| 20 |
cd /local/pub && more beer > /dev/mouth |
Archives