Brian Nelson writes: > It's the reason why Debian has a maintainer application process, requires > new maintainer gpg keys to be signed by existing developers, and requires > all uploads to be gpg signed by a key in the Debian keyring. So use only backports done by Debian maintainers. -- John Hasler john@dhh.gt.org (John Hasler) Dancing Horse Hill Elmwood, WI