[Hackage] #239: security hole: anyone can replace a package
Hackage
trac at galois.com
Thu Feb 14 08:54:02 EST 2008
#239: security hole: anyone can replace a package
--------------------------------+-------------------------------------------
Reporter: guest | Owner:
Type: defect | Status: new
Priority: normal | Milestone:
Component: HackageDB website | Version:
Severity: normal | Resolution:
Keywords: | Difficulty: normal
Ghcversion: 6.8.2 | Platform:
--------------------------------+-------------------------------------------
Comment (by guest):
Yes, let it be overridden by a trusted admin type person. And let me say
who I think can upload my package. But I shouldn't be allowed to upload a
package on behalf of someone else without them knowing.
--
Ticket URL: <http://hackage.haskell.org/trac/hackage/ticket/239#comment:5>
Hackage <http://haskell.org/cabal/>
Hackage: Cabal and related projects
More information about the cabal-devel
mailing list