Erik Soderquist wrote:
On Fri, Oct 7, 2016 at 6:04 PM, Linda Walsh wrote:
As for package maintainers needing some specific behavior --
if a backdoor to your system was part of the "base" system, would you
If there is a "back door" in a base package, that is a security
failing and needs to be reported and fixed
---
I think you miss the point -- the point would be whether or
not you believe you "need" to install and use it "as is", or if consider
that maybe you want a different, "fixed" version? Whether you fix it
or someone else does often depends on turn-around time and ease of
user building, but I think you answer the question -- you'd
take action to replace the code *rather* than living with it.
Hey, I never accused, directly or obliquely, you of not using
your head... ;-)
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
