[Hackage] #214: Package security
Hackage
trac at galois.com
Tue May 20 06:36:14 EDT 2008
#214: Package security
----------------------------+-----------------------------------------------
Reporter: duncan | Owner:
Type: task | Status: new
Priority: normal | Milestone:
Component: miscellaneous | Version: 1.2.3.0
Severity: normal | Resolution:
Keywords: | Difficulty: project(> week)
Ghcversion: 6.8.2 | Platform:
----------------------------+-----------------------------------------------
Comment (by guest):
I agree with int-e - by putting something on hackage, and telling everyone
that hackage is great, we are putting some faith in the system. I think
instead of trusting packages, we should be trusting uploaders. There
aren't going to be many people who write 3 real Haskell libraries, then on
their fourth go, decide to harm everyone. Perhaps a "this person also
uploaded", or a cursory check by a human when a person uploads their first
package.
--
Ticket URL: <http://hackage.haskell.org/trac/hackage/ticket/214#comment:8>
Hackage <http://haskell.org/cabal/>
Hackage: Cabal and related projects
More information about the cabal-devel
mailing list