On Mon, Apr 9, 2018, 16:47 Chris Jerdonek <chris.jerdo...@gmail.com> wrote:
> One of Donald's comments in response to the idea (and that occurred to
> me too and that I agree with) is that providing a way to communicate
> messages to users introduces another possible avenue for attack.

I agree that this is worth thinking about, but having thought about it I'm having trouble coming up with a threat model where it creates additional exposure? If someone takes over package distribution, that's obviously a far more serious problem. A messaging mechanism could amplify such an attack by encouraging people to install the compromised packages – but pip's existing check for new pip versions can also do that. Or if we have a mechanism for securing package updates, like TUF, then presumably we can use it to protect the MOTD as well?

-n
_______________________________________________
Distutils-SIG maillist - Distutils-SIG@python.org
https://mail.python.org/mailman/listinfo/distutils-sig