Re: building binary-only package with different name?

To: Peter S Galbraith <GalbraithP@dfo-mpo.gc.ca>
Cc: <debian-mentors@lists.debian.org>
Subject: Re: building binary-only package with different name?
From: Steve Langasek <vorlon@netexpress.net>
Date: Tue, 27 Feb 2001 12:24:54 -0600 (CST)
Message-id: <[🔎] Pine.LNX.4.30.0102271221330.30176-100000@tennyson.netexpress.net>
In-reply-to: <[🔎] 20010227144039.BFBCB45C1@mixing.qc.dfo.ca>

On Tue, 27 Feb 2001, Peter S Galbraith wrote:

> In fact, make _sure_ you don't allow access to a signed .changes
> file on an unofficial web page because that would allow anybody
> to upload it to Debian.  It's signed after all.

Are the Debian upload queues not all password-protected?  If they are, then
the only danger is that another developer would upload your packages to the
queue, and that's as much a hanging offense as if they uploaded trojan
packages of their own, so. :)

If they aren't all password-protected, then how can we cryptographically sign
packages which are not suitable for upload into Debian that we want to
distribute from our own sites?

Steve Langasek
postmodern programmer

Reply to:

Follow-Ups:
- Re: building binary-only package with different name?
  - From: Peter S Galbraith <GalbraithP@dfo-mpo.gc.ca>

References:
- Re: building binary-only package with different name?
  - From: Peter S Galbraith <GalbraithP@dfo-mpo.gc.ca>

Prev by Date: Re: subarchitectures (was Re: What to do with optimization flags ? )
Next by Date: Re: building binary-only package with different name?
Previous by thread: Re: building binary-only package with different name?
Next by thread: Re: building binary-only package with different name?
Index(es):
- Date
- Thread