[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ELPA security
From: |
Stefan Monnier |
Subject: |
Re: ELPA security |
Date: |
Tue, 08 Jan 2013 11:57:56 -0500 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/24.3.50 (gnu/linux) |
> OK, so the package vector will have a new element. Releasing a package
> will require releasing a new `archive-contents' with an updated
> signature for that package and re-signing it with the "GNU ELPA"
> maintainer key.
The `archive-contents' file is re-created afresh every day via a cron-job.
> Last question: do you want to provide for files that may show up during
> compilation?
Compilation takes place during installation and runs part of the
downloaded code, so by the time we're compiling it's too late to check
for security problems.
Stefan
- Re: ELPA security, (continued)
- Re: ELPA security, Jambunathan K, 2013/01/07
- Re: ELPA security, Paul Nathan, 2013/01/07
- Re: ELPA security, Stephen J. Turnbull, 2013/01/07
- Re: ELPA security, chad, 2013/01/07
- Re: ELPA security, Ted Zlatanov, 2013/01/07
- Re: ELPA security, Stephen J. Turnbull, 2013/01/07
- Re: ELPA security, Ted Zlatanov, 2013/01/07
- Re: ELPA security, Ted Zlatanov, 2013/01/07
- Re: ELPA security, Stefan Monnier, 2013/01/07
- Re: ELPA security, Ted Zlatanov, 2013/01/08
- Re: ELPA security,
Stefan Monnier <=
- Re: ELPA security, Ted Zlatanov, 2013/01/08
- Re: ELPA security, Stefan Monnier, 2013/01/08
- Re: ELPA security, Ted Zlatanov, 2013/01/08
- Re: ELPA security, Stefan Monnier, 2013/01/08
- Re: ELPA security, Ted Zlatanov, 2013/01/08
- Re: ELPA security, Stefan Monnier, 2013/01/08
- Re: ELPA security, Achim Gratz, 2013/01/08
- Re: ELPA security, Ted Zlatanov, 2013/01/08
- Re: ELPA security, Stefan Monnier, 2013/01/08