Hi Jim,
> This is a tool by which one uploads signed tarballs to (usually) GNU
> servers, presumably for mass distribution. As such, I think we are
> justified in holding packagers/uploaders to a higher standard. At the
> very least, we should feel justified in expecting that an uploader run
> on a reasonably secure system: i.e., one that is still being
> maintained.
It is very debatable what constitutes a "reasonably secure system":
- given that there are different philosophies ("the user is responsible
for their system's security" vs. "all users are idiots, therefore only
a crippled system is a secure one"),
- regarding the details of the requirements: a maintained OS? a
permanently running antivirus? HTML display turned off in the mailer? ...
It is also very debatable whether GNU should merely *expect* that
an uploader runs a secure system, or *enforce* it.
In any case, even if you want to enforce it, an error message
"*** Your distribution does not receive regular security updates"
is better than
"gpg-agent is not available in this session"
because it saves the user from an hour of investigation.
Bruno