[Hackage] #214: Package security

Hackage trac at galois.com
Tue May 20 06:36:14 EDT 2008


#214: Package security
----------------------------+-----------------------------------------------
  Reporter:  duncan         |        Owner:                 
      Type:  task           |       Status:  new            
  Priority:  normal         |    Milestone:                 
 Component:  miscellaneous  |      Version:  1.2.3.0        
  Severity:  normal         |   Resolution:                 
  Keywords:                 |   Difficulty:  project(> week)
Ghcversion:  6.8.2          |     Platform:                 
----------------------------+-----------------------------------------------
Comment (by guest):

 I agree with int-e - by putting something on hackage, and telling everyone
 that hackage is great, we are putting some faith in the system. I think
 instead of trusting packages, we should be trusting uploaders. There
 aren't going to be many people who write 3 real Haskell libraries, then on
 their fourth go, decide to harm everyone. Perhaps a "this person also
 uploaded", or a cursory check by a human when a person uploads their first
 package.

-- 
Ticket URL: <http://hackage.haskell.org/trac/hackage/ticket/214#comment:8>
Hackage <http://haskell.org/cabal/>
Hackage: Cabal and related projects


More information about the cabal-devel mailing list