[Catalog-sig] Extra links on the PyPI /simple index package pages

P.J. Eby pje at telecommunity.com
Fri Jun 18 23:14:31 CEST 2010

At 11:01 AM 6/18/2010 -0500, Ian Bicking wrote:
>A simple security hole would be having a homepage that is a wiki -- 
>anyone could edit the wiki and put up a link to a trojan package and 
>it could get found and installed.

Of course, that's also a security hole even if you're *not* using an 
automated installation.  

More information about the Catalog-SIG mailing list