#214: Package security ----------------------------+----------------------------------------------- Reporter: duncan | Owner: Type: task | Status: new Priority: normal | Milestone: Component: miscellaneous | Version: 1.2.3.0 Severity: normal | Resolution: Keywords: | Difficulty: project(> week) Ghcversion: 6.8.2 | Platform: ----------------------------+----------------------------------------------- Comment (by guest): I agree with int-e - by putting something on hackage, and telling everyone that hackage is great, we are putting some faith in the system. I think instead of trusting packages, we should be trusting uploaders. There aren't going to be many people who write 3 real Haskell libraries, then on their fourth go, decide to harm everyone. Perhaps a "this person also uploaded", or a cursory check by a human when a person uploads their first package. -- Ticket URL: http://hackage.haskell.org/trac/hackage/ticket/214#comment:8 Hackage http://haskell.org/cabal/ Hackage: Cabal and related projects