> [EMAIL PROTECTED] (Yves Orton) writes:
> > Afaik the only real reason for the modules list is to
> prevent people from
> > accidentally installing a module that is released under a
> known name, but by
> > an unknown author.
> >
> > So if I release Email::Simple 1.4 no one using CPAN.pm to
> install it will end
> > up with my version, they will always end up with your version.
>
> You're confusing the module list with the module list. :)
Shoot. Your right. I keep confusing the module list with the module list. Its a horrible habbit.
:-)
>
> 02packages.details.txt.gz, generated by PAUSE, does what
> you're talking about.
> The module list (00modlist.long.html) is what we were talking
> about, since
> that is the one you have to register for. And I still think that
> 00modlist.long.html is now irrelevant.
Ok, now I get you. Yeah you may have a point there.
But I still think my point about the site being an security vulnerability is valid. CPAN.pm provides a modest level of protection against this type of thing, but the site none. I hope it doesnt take an exploit for some logic to be added to the pages to state that the release is not by the official author.
Yves
