On Wed, 2009-11-18 at 17:58 -0600, Chris Adams wrote:
Any package (whether new or an update) that adds/changes PolicyKit, consolehelper, or PAM configuration, and anything that installs new setuid/setgid executables, should require some additional third-party review. Any significant changes that passes review should require some minimum amount of advance notice and documentation on how to revert (preferably in some common easy-to-find place in the wiki).
Is this feasible?
Looks like a very good idea to me.
Who needs to look at this?
Fesco ?
Simo.