Re: Proposing a debian-contrib net...
On Wed, Jun 07, 2000 at 02:43:17PM +0000, Roland Rosenfeld wrote:
> - There is no way to check whether the maintainer/uploader of a
> package can be trusted. At the moment only registered Debian
> maintainers are able to upload packages, so the packages are safe.
> If everybody could upload packages to the contrib section...
This is the point, bothering me the most about a debian-contrib net.
I know that it is quiet common in the rpm-world to install packages
that are floating around the net, without knowing who actually build
what into it. I don't like that and I am very happy with it, the way
it is now in debian.
So for me there are really only two choices: Pike a package from
debian or from the author (debian or source, depending what he
provides). OK, there are some others I trust (like helix), but I
wouldn't trust a contrib-net to which many (most unknown to me) would
I am the "ILOVEGNU" signature virus. Just copy me to your signature.
This email was infected under the terms of the GNU General Public License.