From: Stefan Seefeld (sseefeld_at_[hidden])
Date: 2004-12-22 08:43:09

• Next message: Cory Nelson: "Re: [boost] Re: boost.sourceforge.net hacked?"
• Previous message: John Maddock: "Re: [boost] Status of VC++.NET 2005 Beta"
• Maybe in reply to: David Abrahams: "[boost] Unzipping the Boost distro"
• Next in thread: Richard Peters: "Re: [boost] Unzipping the Boost distro"
• Reply: Richard Peters: "Re: [boost] Unzipping the Boost distro"

> From: Richard Peters [mailto:r.a.peters_at_[hidden]]

> Another argument that I thought of this morning: suppose we
> do not publish a
> self-extracting executable. What is going to stop an attacker from not
> uploading his own self-extracting look-alike? If he can
> change existing
> archives, he probably can add other archives as well.

right, but if some boost authority certifies its released packages,
everybody is free to ignore such look-alikes. Isn't that the whole
point of certification ?

Regards,
                Stefan

• Next message: Cory Nelson: "Re: [boost] Re: boost.sourceforge.net hacked?"
• Previous message: John Maddock: "Re: [boost] Status of VC++.NET 2005 Beta"
• Maybe in reply to: David Abrahams: "[boost] Unzipping the Boost distro"
• Next in thread: Richard Peters: "Re: [boost] Unzipping the Boost distro"
• Reply: Richard Peters: "Re: [boost] Unzipping the Boost distro"