Stephen Bennett wrote: > On Sat, 31 Mar 2007 15:24:03 -0400 > Seemant Kulleen <[EMAIL PROTECTED]> wrote: >> To make it more clear...If an official package manager is outside of >> Gentoo's control, and the maintainer(s) of that piece of software decide >> to do anything malicious (examples: inject some dodgy code, remove >> documentation, take out access to the repository, etc) for whatever >> reason (say, they get pissed off at a few Gentoo people and decide that >> the entire Gentoo community can be painted that way), then > > ... Gentoo developers can take the latest release of said package > manager and continue development from that. That's the wonderful thing > about the GPL, no?
Too late for all the affected users tho. Point is it's a major security hole which no sane organisation would even consider for mission-critical code. -- gentoo-dev@gentoo.org mailing list