1 |
On Tuesday 07 September 2004 8:14 pm, Kurt Lieber wrote: |
2 |
> On Tue, Sep 07, 2004 at 07:09:27PM +0200 or thereabouts, Christian Parpart |
3 |
wrote: |
4 |
> > Some questions remain anyway. WHO exactly may submit (have write access), |
5 |
> > and, how to get into this new idea to get a bit more attention in public? |
6 |
> |
7 |
> Well, ideally, everyone would have write access. If that freaks people out |
8 |
> a bit too much, then you could have some sort of cursory review process |
9 |
> where a group of people review ebuilds to make sure they don't have any |
10 |
> nastiness in them. |
11 |
|
12 |
I propose, that only commits, that are digitally signed (GnuPG ideally) go |
13 |
into this. So, we let the trust by the user's side, of course, *this* is, |
14 |
what some time before was proposed for the official portage tree as well. |
15 |
And, this would even need some tweakings in emerge tool to validate'n'skip |
16 |
the digital signature as well as select only ebuilds the user trusts on. |
17 |
|
18 |
> If you restrict who can access the system too much, then you end up where |
19 |
> we are now, with no net improvement. |
20 |
[...] |
21 |
|
22 |
I agree... s.a. |
23 |
|
24 |
so far, |
25 |
Christian Parpart. |
26 |
|
27 |
-- |
28 |
20:19:33 up 14 days, 7:59, 4 users, load average: 1.14, 1.17, 1.39 |