Re: Proposing a debian-contrib net...

[Marko Schulz <4mschulz@informatik.uni-hamburg.de>]

On Wed, Jun 07, 2000 at 02:43:17PM +0000, Roland Rosenfeld wrote:
>
> - There is no way to check whether the maintainer/uploader of a
>   package can be trusted.  At the moment only registered Debian
>   maintainers are able to upload packages, so the packages are safe.
>   If everybody could upload packages to the contrib section...

This is the point, bothering me the most about a debian-contrib net. 

I know that it is quiet common in the rpm-world to install packages
that are floating around the net, without knowing who actually build
what into it. I don't like that and I am very happy with it, the way
it is now in debian. 

So for me there are really only two choices: Pike a package from
debian or from the author (debian or source, depending what he
provides).  OK, there are some others I trust (like helix), but I
wouldn't trust a contrib-net to which many (most unknown to me) would
contribute.

-- 
marko schulz

I am the "ILOVEGNU" signature virus. Just copy me to your signature.
This email was infected under the terms of the GNU General Public License.