From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from lists.gentoo.org ([140.105.134.102] helo=robin.gentoo.org) by nuthatch.gentoo.org with esmtp (Exim 4.62) (envelope-from ) id 1HXmBI-00006K-MY for garchives@archives.gentoo.org; Sat, 31 Mar 2007 22:36:21 +0000 Received: from robin.gentoo.org (localhost [127.0.0.1]) by robin.gentoo.org (8.14.0/8.14.0) with SMTP id l2VMYRoV031533; Sat, 31 Mar 2007 22:34:27 GMT Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) by robin.gentoo.org (8.14.0/8.14.0) with ESMTP id l2VMVHFh026932 for ; Sat, 31 Mar 2007 22:31:17 GMT Received: from localhost (localhost [127.0.0.1]) by smtp.gentoo.org (Postfix) with ESMTP id D28246426D for ; Sat, 31 Mar 2007 22:31:16 +0000 (UTC) X-Virus-Scanned: amavisd-new at gentoo.org X-Spam-Score: 0.137 X-Spam-Level: X-Spam-Status: No, score=0.137 required=5.5 tests=[AWL=-1.116, RCVD_NUMERIC_HELO=1.253] Received: from smtp.gentoo.org ([127.0.0.1]) by localhost (smtp.gentoo.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EyzvlnEgO4+O for ; Sat, 31 Mar 2007 22:31:09 +0000 (UTC) Received: from ciao.gmane.org (main.gmane.org [80.91.229.2]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTP id B0A9C64723 for ; Sat, 31 Mar 2007 22:31:04 +0000 (UTC) Received: from list by ciao.gmane.org with local (Exim 4.43) id 1HXm5l-000506-9R for gentoo-dev@gentoo.org; Sun, 01 Apr 2007 00:30:37 +0200 Received: from 82.152.200.73 ([82.152.200.73]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 01 Apr 2007 00:30:37 +0200 Received: from slong by 82.152.200.73 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 01 Apr 2007 00:30:37 +0200 X-Injected-Via-Gmane: http://gmane.org/ To: gentoo-dev@lists.gentoo.org From: Steve Long Subject: [gentoo-dev] Re: [soc] Python bindings for Paludis Date: Sat, 31 Mar 2007 23:27:19 +0100 Message-ID: References: <200703240028.15461.peper@gentoo.org> <200703271519.29674.vapier@gentoo.org> <20070327211510.0b426e09@snowflake> <200703301404.16400.vapier@gentoo.org> <20070331201602.3e50b815@Kacian2.emea.hpqcorp.net> <1175369043.5961.30.camel@localhost> <20070331203957.0ce015bd@blashyrk> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@gentoo.org Reply-to: gentoo-dev@lists.gentoo.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7Bit X-Complaints-To: usenet@sea.gmane.org X-Gmane-NNTP-Posting-Host: 82.152.200.73 User-Agent: KNode/0.10.4 Sender: news X-Archives-Salt: af95e146-6ddc-4cf5-9b55-a7b81bba83d6 X-Archives-Hash: 7cc4556c78f75455a75c167b391f5d03 Stephen Bennett wrote: > On Sat, 31 Mar 2007 15:24:03 -0400 > Seemant Kulleen wrote: >> To make it more clear...If an official package manager is outside of >> Gentoo's control, and the maintainer(s) of that piece of software decide >> to do anything malicious (examples: inject some dodgy code, remove >> documentation, take out access to the repository, etc) for whatever >> reason (say, they get pissed off at a few Gentoo people and decide that >> the entire Gentoo community can be painted that way), then > > ... Gentoo developers can take the latest release of said package > manager and continue development from that. That's the wonderful thing > about the GPL, no? Too late for all the affected users tho. Point is it's a major security hole which no sane organisation would even consider for mission-critical code. -- gentoo-dev@gentoo.org mailing list