This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--===============1245269980==
Content-Type: multipart/signed; micalg=pgp-sha1;
 protocol="application/pgp-signature";
 boundary="------------enig7C41B3196EDA8852DC3090AF"

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig7C41B3196EDA8852DC3090AF
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

On 05/26/2010 02:37 AM, Brad Hards wrote:
>> Security of any system should be build on strong foundations --
>> otherwise it all doesn't make any sense.
> This logic is basically one about putting an extra padlock on the front=
 door,=20
> when there is no back wall. There are 2395 svn accounts that can write =
to the=20
> repository, which is probably a much easier (i.e. more likely) place to=
=20
> introduce untrustworthy code than the package tarballs.
>=20
Are you saying there is absolutely no control of what code goes into
official tarballs?

j.


--------------enig7C41B3196EDA8852DC3090AF
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkv8cN0ACgkQORdkotfEW840FACfUZumle+as6nwX5jyJM+cC/Q4
A08AoNkBL/usCOsnMz98+0QOSbpyWxWB
=RDa1
-----END PGP SIGNATURE-----

--------------enig7C41B3196EDA8852DC3090AF--

--===============1245269980==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

 
>> Visit http://mail.kde.org/mailman/listinfo/kde-devel#unsub to unsubscribe <<

--===============1245269980==--