On Saturday, 3 November 2007, Andreas Schneider wrote:
> Aniruddha wrote:
> > Actually this is even more easy than it sounds (and I am not a
> > programmer). It only requires to document some simple rules for
> > package handling (e.g. that packager should check for malware, and
> > the monitoring of some standard security bulletins).
>
> It is easy? Ok.
>
> How should we check a new version of an application/program for
> malware?

At the moment we do have only 3.8 GByte in our 10.3 SRPM directory, so it shouldn't be a problem to check the sources line by line. Next packages will be available in the year 2350 ;-)

It's all a question of (wo)manpower and the number of packages. We do have more than a thousand packages and only a few spare-time packagers. We can trust the programmers and go on like now, or review every tarball and reduce the number of packages to three or four for every packager.

--
Take care | http://www.iivs.de/schwinde/buerger/tremmel/
Manfred   | http://packman.links2linux.de/
