On Tue, Nov 18, 2008 at 11:06:08PM +0000, Luis de Bethencourt wrote: > I agree with all Nico points. Spec file based submissions built in a > controlled machine. > > And yes, in the Community Infraestructure project of JDS we are > building exactly that.
Note: I wasn't proposing that, though I would be happy with it. My main point was that none of these steps are sufficient to prevent malware from getting into the repos. As we have more and more untrusted software we'll really need TX/FLASK/FMAC. (Think of sandboxing, done well.) Nico -- _______________________________________________ indiana-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/indiana-discuss
