2009/6/25 Xyne <[email protected]>: >> The maintainer of a package should be able to delete comments as this >> would make some of the more popular packages' comments easier to clean >> up. Instead of a trusted user needing to do this, the owner of the >> package could be allowed to delete any comments older that a week. >> That's a policy decision, but I hope we will have some way of deleting >> comments that refer to bugs that have been fixed. > > This would prevent users from being able to flag malicious packages. If > this were implemented, I would like to see a "report malicious package" > link or something else. As Arch continues to grow we will end up with > malicious users and I would prefer to be prepared to handle these when > the time comes. >
That's why I said "delete any comments older that a week". From what I have seen, almost all packages are checked, and I can't imagine that anyone who found a malicious package wouldn't report it, if not here, to the forums. In either case, it would be discovered, as I doubt that if the issue has not been brought to the attention of the community in the week after discovery then I doubt it will be in any sensible timescale.
