One more thing... I spent a long time talking with somebody at the booth about the security of the portage tree. I talked about our digests, manifests, and the fact that we're working on signing the manifests. He was pretty happy with the state of things, but it was a wake-up call to me that we need to get with enforcement of gpg signing manifests. AFAIK, the lack of enforcement is the only real weakness in our current setup.
Regards, Aron -- Aron Griffis Gentoo Linux Developer
pgpQGL6J1pkqM.pgp
Description: PGP signature
