Hi Jim,

> This is a tool by which one uploads signed tarballs to (usually) GNU
> servers, presumably for mass distribution. As such, I think we are
> justified in holding packagers/uploaders to a higher standard. At the
> very least, we should feel justified in expecting that an uploader run
> on a reasonably secure system: i.e., one that is still being
> maintained.

It is very debatable what constitutes a "reasonably secure system":
  - given that there are different philosophies ("the user is responsible
    for their system's security" vs. "all users are idiots, therefore only
    a crippled system is a secure one"),
  - regarding the details of the requirements: a maintained OS? a
    permanently running antivirus? HTML display turned off in the mailer?
    ...

It is also very debatable whether GNU should merely *expect* that an
uploader runs a secure system, or *enforce* it.

In any case, even if you want to enforce it, an error message
  "*** Your distribution does not receive regular security updates"
is better than
  "gpg-agent is not available in this session"
because it saves the user from an hour of investigation.

Bruno