On Thursday 29 June 2006 01:39, David Shakaryan wrote: > Mike Frysinger wrote: > > On Saturday 24 June 2006 18:54, Edward Catmur wrote: > >> * Security (from malicious contributors): Glad to see layman will only > >> track the reviewed/ tree; still, anyone who checks out the sunrise/ tree > >> (and has it in PORTDIR_OVERLAY) is vulnerable. > >> > >> - Remove from the examples any suggestion that one should check out the > >> whole tree when contributing. Point out that one should not svn up > >> sunrise/ as part of updating Portage. > > > > valid point i think > > The guide has been edited to inform users that they should *not* use the > sunrise/ tree for any reason other than committing. Now, in the > HowToCommit guide, near the instructions for checking out the sunrise/ > tree, it clearly states that you should not set it as your > PORTDIR_OVERLAY, but use the reviewed/ instead.
you can add documents all you want telling people to not do something ... if they are allowed to do it though, they will -mike
pgpGy7xNFHuZf.pgp
Description: PGP signature
