Duncan Coutts wrote: >>> let random users... submit... build reports...
I wrote: >> ...we open ourselves up to... hostile build reports and DOS. Manlio Perillo wrote: > DOS is always a problem, for every application open to the Internet. Yes. But I didn't mean just generic flooding. I meant abusing the effect of build reports to create a DOS. > As for hostile builds reports, I don't see it as a security concern. Hostile build reports could effectively remove a package from hackage. Or bless a faulty package, causing problems on other people's systems. -Yitz _______________________________________________ Haskell-Cafe mailing list Haskell-Cafe@haskell.org http://www.haskell.org/mailman/listinfo/haskell-cafe