#214: Package security
----------------------------+-----------------------------------------------
Reporter: duncan | Owner:
Type: task | Status: new
Priority: normal | Milestone:
Component: miscellaneous | Version: 1.2.3.0
Severity: normal | Resolution:
Keywords: | Difficulty: project(> week)
Ghcversion: 6.8.2 | Platform:
----------------------------+-----------------------------------------------
Comment (by guest):
I worry about the idea of providing "security" or some notion of safety or
trust only if one behaves "as expected". That seems slightly odd to me.
Secondly, there has to be a first person or a first five people that grab
the package to try it out and to give it its initial "rating". And those
five could be 500 if it's suitably advertised, an oft requested feature or
a popular idea. Try adding a package to Hackage that claims it adds a
dependently typed system to Haskell and watch the number of downloads! And
if such a package as that is trojaned... -- matthew
--
Ticket URL: <http://hackage.haskell.org/trac/hackage/ticket/214#comment:10>
Hackage <http://haskell.org/cabal/>
Hackage: Cabal and related projects
_______________________________________________
cabal-devel mailing list
[email protected]
http://www.haskell.org/mailman/listinfo/cabal-devel
