ARB security checklist
Allison Randal
allison.randal at canonical.com
Wed Nov 17 16:50:39 UTC 2010
On 11/16/2010 02:55 PM, Shane Fagan wrote:
> It would weed out possible spam requests and people using the ARB to get
> around the archive with malicious software. It does seem to be a good
> idea in theory but id say it would block entry. The entire quote from
> the wiki page is
>
> "developer must sign a developer contract and preferably pay to have an
> application considered in PostReleaseApps (eg, $1 USD). Why?
>
> makes sure the developer knows the requirements
> discourages anonymity. People are less likely to do intentional harm if
> there is a fear of getting caught. Having a signed agreement with credit
> card and contact information is a strong social and psychological
> deterrent."
Agreed that we can't do the $1 charge, but there is another possible
route to the same psychological deterrent, and that is "we need
financial information if you want to receive donations for your app".
It's completely optional, but does give us a higher level of confidence
in the developer who chooses to sign up for it. (This feature will be
enabled for the software center anyway, so we'd just be riding on
existing infrastructure.)
Allison
More information about the App-review-board
mailing list