Jeff Spaleta (jspaleta@xxxxxxxxx) said: > I think if we limit this service to packages only from people who have > signed the appropriate CLA and are a sponsored contributor I think > both the obvious trojan risk and the legal liability of distribution > risk fall within already acceptable levels comparable to the review > process we have. That's not bad; it's simple, should be easy to implement, and should get rid of most of the direct risks. Bill -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
