Vincent Danen <[EMAIL PROTECTED]> wrote: > On Thu Sep 25, 2003 at 07:59:30PM -0400, Levi Ramsey wrote: > > I think the policy should be that anything which listens on a port > > should not, under any circumstances, be in contribs, as contribs are > > not generally updated; I'm sure that someone will come along with a > > sendmail repository and do the updates themselves. > > I disagree. A lot of nice network-type software would be missing and I > sure as heck don't want them all in main. What's wrong with having > them in contribs? They aren't officially maintained... so what? Having > them in contribs, joe sysadmin can grab the src.rpm for what he has > installed, grab the new version or patch, and roll his own. It's still > convenient for him to have it in contribs even if he doesn't get it > via MandrakeUpdate.
I does make sense if we have a note attached on them they can pose a security risk and if people use them they should take care they are up to date. Some sort of mechanism that keeps people informed about updates. For example xmule which was found to be exploitable recently. I expect more troubles from that program. A simple warning after installing wont even do... Can somebody come up with a decent solution to this problem? # Han -- http://www.xs4all.nl/~hanb/software http://www.xs4all.nl/~hanb/documents/quotingguide.html
pgp00000.pgp
Description: PGP signature
