What's the deal with NMUs? [was Re: Are you still there?]

On Tue, Nov 04, 2003 at 07:17:12PM -0500, Alex Pennace wrote:
> A well meaning NMU to unstable can be helpful in the interim.
> Naturally, submit a bug to describe the NMU; a diff is useful. If I
> notice any problems I'll work with the uploader while the package is
> still in unstable.

I'm confused by the concept of NMU: can anybody just arbitrarily upload 
a new version of a package?  I have a feeling that there are some controls but
it seems pretty wild and wooly, and subject to abuse.

The whole openness of the bug tracking system and package system seems 
particularly vulnerable to persons with malicious and subversive intent.  
Has anybody ever "attacked" the Debian process?  Are there specific 
controls in place to prevent "attacks", or has it just never come up?

