On Thursday 21 December 2006 16:41, Jean-Marc Pigeon wrote: > I am afraid saying "repos.d" is out of reach is too > self-centric. As Fedora cycle are very short this will > imply Fedora can't be use to run a real application server. > Sharing my feeling... The problem lies in dropping a repo that points to a location that Fedora doesn't control. We can't protect against that location being compromised and start sending out trojaned binaries to those who enable the repo. This is the same reason why 'live updates' of software apps are discouraged, again locations that Fedora doesn't control. For this reason alone I would discourage and vote against allowing any package to drop another repo in place, that wasn't a Fedora controlled repo. -- Jesse Keating Release Engineer: Fedora
Attachment:
pgpbuXM74DhEA.pgp
Description: PGP signature
-- fedora-extras-list mailing list fedora-extras-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-extras-list
