On Tue, 2004-06-08 at 23:10, Jason van Zyl wrote: > On Tue, 2004-06-08 at 22:59, Julian C. Dunn wrote: > > > I must admit that I share their concern; I'm curious to know whether the > > security implications of this have been discussed at all. > > Many times, we have use cases, and the upload process will become more > rigourous over time. We've also had a couple more complete proposals > submitted: one by Nat Pryce and one by John Casey
For reference: http://docs.codehaus.org/display/MAVEN/Repository+-+Security http://docs.codehaus.org/display/MAVEN/Repository+-+Security+by+nat+pryce Wagon is being employed in m2 so things like using encrypted transfer will become possible. Some may consider it negligence but I considered convenience to be the overriding concern. I realize security is an issue, but I feel it's become a bit a boogey man. Anything is possible and maybe there is some really, really bored guy with nothing better to do then muck up the works for everyone but I'm really hoping that doesn't happen. But in m2 we will have options for the paranoid and the upload process will be easier and more secure. I am no security expert and I don't think we have one on the team here but pick away at the proposals, badger security folks you know to look things over. We are will to implement anything deemed reasonable and sane. -- jvz. Jason van Zyl [EMAIL PROTECTED] http://maven.apache.org happiness is like a butterfly: the more you chase it, the more it will elude you, but if you turn your attention to other things, it will come and sit softly on your shoulder ... -- Thoreau --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
