Kalle Kivimaa <killer@debian.org> writes: > Marc 'HE' Brockschmidt <he@ftwca.de> writes: >> (2) As soon as someone is in the DM keyring, a DD can give him >> upload rights for virtually every package by adding the DM to >> the Uploaders field and adding the DM-Upload-Allowed field. > If there is a malicious DD who wants to do that, what would stop that > DD from creating an automated system that accepts packages from the > DM, signs them and sends them into the upload queue? I'm not saying that the DD is malicious, but simply a moron. That happens more often, really. Marc -- BOFH #60: system has been recalled
Attachment:
pgpNMnc0l9yuy.pgp
Description: PGP signature