On Wed, 17 Sep 2014 07:21:08 -0400 Tim Boudreau <[email protected]> wrote: > If someone wants to commit malicious code into Gentoo, they're far > more likely to take the ugly but pragmatic approach of, say, forcing > someone to commit malicious code at gunpoint and then shooting them, > than to go to the vast effort it would take to come up with malicious > code that conveniently has the same SHA-1 hash as an existing commit.
...or getting themselves recruited. Even easier. -- Ciaran McCreesh
signature.asc
Description: PGP signature
