On Saturday 14 March 2009, Matthew Johnson wrote: > Being part of the project, particularly with upload rights, is > something I believe _should_ be difficult. This restriction on access > to the archive is one of our strengths, it gives us a higher quality of > packaging (yes, there are exceptions, but they should be the exception, > not the rule) than would otherwise be possible.
The effort needed to go through the NM procedure also has an IMO import security aspect: it's quite unlikely that a "black hat" would be willing to make that effort to get in a position where (s)he could introduce trojaned packages into the archive. We should not delude ourselves that we could compensate for that by more review or whatever if the entry barrier is lowered. IMO any proposals for relaxation of the entry requirements, especially to give full upload access, should take this aspect into account. Cheers, FJP
signature.asc
Description: This is a digitally signed message part.
