Package review status
Lapo Luchini
lapo@lapo.it
Wed Sep 25 03:45:00 GMT 2002
Chris January wrote:
>>>*Updated* packages are trusted by default. They can be uploaded w/o
>>>review.
>>>
>>>
>Not being funny, but this probably shouldn't be the case. I could easily
>spoof some mail headers and get a compromised binary uploaded.
>
Then I suggest you (and other that find in this a security problem) to
comment my latest RFC (23/09 13:54 CEST) which tried to resurrect the
old thread about using GPG for developers ;-)
Lapo
--
Lapo 'Raist' Luchini
lapo@lapo.it (PGP & X.509 keys available)
http://www.lapo.it (ICQ UIN: 529796)
More information about the Cygwin-apps
mailing list