On Fri, 2006-06-09 at 02:08 +0100, Ciaran McCreesh wrote: > On Fri, 09 Jun 2006 02:49:14 +0200 Markus Ullmann <[EMAIL PROTECTED]> > wrote: > | > No. It clearly says that you would be doing the basic QA checks and > | > repoman checking on initial commit. You even said it right above > | > where I commented! > | > | You're doing some witch hunting here... I said we keep an eye on > | non-devs commits. > > How much do you want to bet that I couldn't sneak malicious code past > you? > > And if you accept that I could do it, you're also admitting that quite > a few other random people, some of whom don't share my own ethical > objections to such a stunt, could also pull it off given sufficient > time and effort...
I'd say that it's entirely possibly for some non-dev to sneak malicious code into the tree as is now, just as it will be possible to do in an overlay. It's not like it's particulary difficult to have someone proxy for you, and let's face it, if someone is willing to do so then they probably can't be arsed checking that what they are committing is clean and nice.. I mean, I trust you, right?
signature.asc
Description: This is a digitally signed message part
