Re: Security in the emacs package ecosystem

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Security in the emacs package ecosystem

From:	Richard Stallman
Subject:	Re: Security in the emacs package ecosystem
Date:	Tue, 14 Mar 2023 00:00:00 -0400

[[[ To any NSA and FBI agents reading my email: please consider    ]]]
[[[ whether defending the US Constitution against all enemies,     ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]

  > The Emacs manual only mentions, that package archives can be
  > signed and that "Package archives should provide instructions on
  > how you can obtain their public key." (emacs, 48.3 Package
  > Installation)

  > There are no such instructions on https://elpa.gnu.org nor is
  > there any information on security.

We need to provide information about these topics, as well as
everything else we expect ELPA package maintainers to do, and
whatever we want them to agree to.

-- 
Dr Richard Stallman (https://stallman.org)
Chief GNUisance of the GNU Project (https://gnu.org)
Founder, Free Software Foundation (https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Security in the emacs package ecosystem, Thomas Koch, 2023/03/11
- Re: Security in the emacs package ecosystem, Richard Stallman <=

Prev by Date: Re: continuation passing in Emacs vs. JUST-THIS-ONE
Next by Date: Re: continuation passing in Emacs vs. JUST-THIS-ONE
Previous by thread: Re: Security in the emacs package ecosystem
Next by thread: Text shadows
Index(es):
- Date
- Thread