On Tue, 10 Jun 2008 15:36:58 +0100 Robert Bridge <[EMAIL PROTECTED]> wrote: > So relying on the file extension seems to be a recipe for > misunderstanding. Why limit the functionality of the package manager > to rely on the file names? How do you protect the package manager > from a malicious ebuild masquerading under the wrong EAPI? Relying on > the file name for information is the kind of design decision we laugh > at in Windows, so why adopt it here?
There is no protection against malicious ebuilds. Malicious ebuilds already run code as root when you install them. Being able to get an ebuild run with the wrong EAPI is utterly irrelevant. -- Ciaran McCreesh
signature.asc
Description: PGP signature
