Gentoo Archives: gentoo-dev

From: Mike Frysinger <vapier@g.o>
To: gentoo-dev@l.g.o
Cc: David Shakaryan <d@×××××.org>
Subject: Re: [gentoo-dev] Re: [experiment] Sunrise try 2
Date: Thu, 29 Jun 2006 22:31:02
In Reply to: [gentoo-dev] Re: [experiment] Sunrise try 2 by David Shakaryan
On Thursday 29 June 2006 01:39, David Shakaryan wrote:
> Mike Frysinger wrote: > > On Saturday 24 June 2006 18:54, Edward Catmur wrote: > >> * Security (from malicious contributors): Glad to see layman will only > >> track the reviewed/ tree; still, anyone who checks out the sunrise/ tree > >> (and has it in PORTDIR_OVERLAY) is vulnerable. > >> > >> - Remove from the examples any suggestion that one should check out the > >> whole tree when contributing. Point out that one should not svn up > >> sunrise/ as part of updating Portage. > > > > valid point i think > > The guide has been edited to inform users that they should *not* use the > sunrise/ tree for any reason other than committing. Now, in the > HowToCommit guide, near the instructions for checking out the sunrise/ > tree, it clearly states that you should not set it as your > PORTDIR_OVERLAY, but use the reviewed/ instead.
you can add documents all you want telling people to not do something ... if they are allowed to do it though, they will -mike