>>>>> "TL" == Tom Lane <tgl@xxxxxxxxxx> writes: TL> OK, but then the default for existing packages is to be wide open TL> :-(. Yes, thankfully. Otherwise we would have a massive change in behavior overnight. TL> Or are you auto-creating empty pkg.acl file for all existing TL> packages, as well as new imports? Hopefully not. TL> I hope the answer is yes, so we don't all have to scramble to TL> close up our packages. Why on earth would you want to? We've not had any access control for all this time (and with amazingly good results, I might add), and all of a sudden you'd have to scramble to close things down? If you do nothing to impose ACLs on your packages, no behavior will change. You'll not somehow be less secure. The one concern I have is the ability of package maintainers to lock out too many people, such as the security team or those of us who just go through and fix problems in packages. - J< -- Fedora-maintainers mailing list Fedora-maintainers@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers -- Fedora-maintainers-readonly mailing list Fedora-maintainers-readonly@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-maintainers-readonly
