Brian Nelson <firstname.lastname@example.org> writes: > It's the reason why Debian has a maintainer application process, > requires new maintainer gpg keys to be signed by existing developers, > and requires all uploads to be gpg signed by a key in the Debian > keyring. Of course this doesn't prevent a Debian developer from doing > evil things, but it makes it possible to track and permanently ban > whoever did the evil things. I don't think that he's talking about official sources, judging by the subject. -- Paul Johnson <email@example.com> Linux. You can find a worse OS, but it costs more.
Description: PGP signature