[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: two questions



On Wed, Aug 08, 2007 at 11:21:36PM +1000, John Pye wrote:
> (1) after my package review, I get to add my files to CVS and build the
> package that ultimately gets into Fedora. What is to stop me from
> uploading something subtly (or even maliciously) different from the
> files that were actually reviewed?

Subtly different in the sense of having additional fixes is
OK. malicious is not. Just don't do it. ;)

Actually that's the part where the mentors step in - you earn your
trust by (hopefully) being watched by them, and if you behave well for
a couple of packages you have enough trust points gained.
-- 
Axel.Thimm at ATrpms.net

Attachment: pgpX2CUIzW9eX.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]