Seemant Kulleen wrote: > The effects are far reaching and shared by everyone. If an official > package manager is outside of Gentoo's control, and the maintainer(s) of > that piece of software decide to do anything malicious (examples: inject > some dodgy code, remove documentation, take out access to the > repository, etc) for whatever reason (say, they get pissed off at a few > Gentoo people and decide that the entire Gentoo community can be painted > that way), then Gentoo has now become a slave to those people. That, > I'm sure you'll agree, is unacceptable.
(ignoring [possible securty issues as per spanky's mail) Wouldn't that be solved if $other-package-manager folks provide full dumps of the SCM system they use? Cheers, -jkt -- cd /local/pub && more beer > /dev/mouth
signature.asc
Description: OpenPGP digital signature