Re: Preventing government subversion in Debian, verification of binary package uploads
"We will be guided by the needs of our users and the free software community.
We will place their interests first in our priorities."
If a Debian contributor were faced with a demand to do something that
undermines the privacy or other interests of Debian users then I would hope
and expect that the contributor would choose instead to cease being a
contributor. Were he not to do so then he would have to be regarded as an
Here I assume that U.S. law is not so draconian that it can require someone
who has contributed to Debian (and who is therefore trusted) to continue
So perhaps the more pertinent question is, what safeguards does Debian have