On Tue, Feb 20, 2001 at 10:24:03PM -0500, Branden Robinson wrote: > The purpose of this message is to outline the reasons I running for Debian > Project Leader, and to present an idea of some specific things I would like > to accomplish during my term, if elected. You forgot to tell about security. More and more people are concerned about trojans in automatically downloaded packages. I know that there's no really good solution as in the end it is all software from different authors but we must at least do a bit more for security. Proposals are e.g. * APT could automatically check signatures on downloaded sources * APT could automatically check signatures on packages which the maintainer has self builded. * A task force could check the diffs and md5sum check the .orig.tar.gz's for malicious code - yeah, I know it's easy to hide but we normally don't have that much source code changes outside the /debian dir. * something. At least make the users aware how much or less the security they get from RedHats signed packages really is for them. * More more people for the security fix team.
bye, -christian- -- Christian Hammers WESTEND GmbH - Aachen und Dueren Tel 0241/701333-0 [EMAIL PROTECTED] Internet & Security for Professionals Fax 0241/911879 WESTEND ist CISCO Systems Partner - Premium Certified