1 |
Stephen Bennett wrote: |
2 |
> On Sat, 31 Mar 2007 15:24:03 -0400 |
3 |
> Seemant Kulleen <seemant@g.o> wrote: |
4 |
>> To make it more clear...If an official package manager is outside of |
5 |
>> Gentoo's control, and the maintainer(s) of that piece of software decide |
6 |
>> to do anything malicious (examples: inject some dodgy code, remove |
7 |
>> documentation, take out access to the repository, etc) for whatever |
8 |
>> reason (say, they get pissed off at a few Gentoo people and decide that |
9 |
>> the entire Gentoo community can be painted that way), then |
10 |
> |
11 |
> ... Gentoo developers can take the latest release of said package |
12 |
> manager and continue development from that. That's the wonderful thing |
13 |
> about the GPL, no? |
14 |
|
15 |
Too late for all the affected users tho. Point is it's a major security hole |
16 |
which no sane organisation would even consider for mission-critical code. |
17 |
|
18 |
|
19 |
-- |
20 |
gentoo-dev@g.o mailing list |