-----BEGIN PGP SIGNED MESSAGE----- Hash: RIPEMD160
David R. Morrison wrote:
I know and I addressed this several times in Channel. Justin has the "mirror" module which adresses this issue on a more global scale as far as I understood. He was going to update it to HEAD as soon as his SHLIBS stuff is in.
I'm not sure if you realize this, but all of the mirrors you have recruited
recently were not being used by anyone (other than a few Fink developers
who use CVS), because the list of mirrors is only updated when the package
manager is updated.
My concern still remains. As I pointed out, I never thought the system to be secure in the first place, thus it wasn't too bad that not many were relying on it yet. Wew should have solved the security issues before making this accessable to the broad public and thuis increasing the risk involved with this system.The security of the current system is no different than the security of the previous system. The list of mirrors is kept in CVS, and released as a fink package with an MD5 sum for the tarball.
I'll see to it, that I get GnuPG signing operational as soon as possible
0.17.1.cvs
I'll look into the the @INC problem you had. Which version of fink did you have installed when you tried to inject?
- -d
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (Darwin)
iD8DBQE/7uf1PMoaMn4kKR4RA60kAJ4ufFYK7mhzPrZW9egJx5yFzjDlxACfVmU0 ecXQl6ETfH3A1vmfTq52qjE= =jUzD -----END PGP SIGNATURE-----
------------------------------------------------------- This SF.net email is sponsored by: IBM Linux Tutorials. Become an expert in LINUX or just sharpen your skills. Sign up for IBM's Free Linux Tutorials. Learn everything from the bash shell to sys admin. Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click _______________________________________________ Fink-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/fink-devel
