authentication for hackage uploads

[Neil Mitchell]

Hi

> We need some security on uploads to hackage, because Cabal packages
> can run arbitrary code during the build process

I think this should be strongly discouraged by Cabal, almost to the
point where Setup files with custom code are disallowed by Hackage.
Doing an attack on an in-use module is a lot more work than putting it
in the configure script.

> I think that Apache authentication (as used in Trac, for example) would
> be sufficient, but that the initial registration of submitters needs to
> be done manually by a small group of people.  We need to know who we're
> dealing with, and we need at least an email address to contact them.
> Personally, I'd prefer that user names were real names in camel case,
> but maybe I'm too old-fashioned.

There is also a list of people with access to the darcs repo's on
Haskell.org - these things probably want managing in much the same
way. Currently the policy is that Yhc hackers get their key added to
my authorised_keys file, and just log in using my username - I'm not
terribly comfortable with that.

I would demand at the very least a real name, email address - but
really, in an online world those things are nearly useless. I guess
the only thing to do is to trust that people who have learnt enough
about monads and IO to hijack Haskell things probably realise how cool
Haskell is...

Thanks

Neil