drago01 wrote:
Did it ever happen that a "provenpackager" or any packager
in the days
of open ACLs cause any real damage to packages (not owned by him)?
I am not aware of any such cases, it seems to me that we are trying to
solve a non existing problem.
It's mostly just paranoia, as always when the 's' word ("security")
is
involved.
IMHO, all packages should have open ACLs, with no exceptions (yes, even the
kernel!), and I don't think we should make it as hard to get into
provenpackager as some people are suggesting (10 to 15 sponsors needed,
WTF?).
Kevin Kofler