Package Review Stats for the week ending January 18th, 2009
drago01
drago01 at gmail.com
Fri Jan 30 19:22:03 UTC 2009
On Thu, Jan 29, 2009 at 7:12 PM, Kevin Kofler <kevin.kofler at chello.at> wrote:
> drago01 wrote:
>> Did it ever happen that a "provenpackager" or any packager in the days
>> of open ACLs cause any real damage to packages (not owned by him)?
>> I am not aware of any such cases, it seems to me that we are trying to
>> solve a non existing problem.
>
> It's mostly just paranoia, as always when the 's' word ("security") is
> involved.
>
> IMHO, all packages should have open ACLs, with no exceptions (yes, even the
> kernel!), and I don't think we should make it as hard to get into
> provenpackager as some people are suggesting (10 to 15 sponsors needed,
> WTF?).
+1
P.S: reading this from you was unexpected but nice to see, considering
that you answered my question why most of the core KDE packages have
closed ACLs (is this still the case?) you said "because the KDE SIG
is already doing a good job" (which is no reason why other people
should not be allowed to do a good job too ;) )
More information about the devel
mailing list