ARB security checklist
Shane Fagan
shanepatrickfagan at ubuntu.com
Wed Nov 17 17:04:24 UTC 2010
Hey Allison,
That sounds like a good plan.
--fagan
On Wed, 2010-11-17 at 08:50 -0800, Allison Randal wrote:
> On 11/16/2010 02:55 PM, Shane Fagan wrote:
> > It would weed out possible spam requests and people using the ARB to get
> > around the archive with malicious software. It does seem to be a good
> > idea in theory but id say it would block entry. The entire quote from
> > the wiki page is
> >
> > "developer must sign a developer contract and preferably pay to have an
> > application considered in PostReleaseApps (eg, $1 USD). Why?
> >
> > makes sure the developer knows the requirements
> > discourages anonymity. People are less likely to do intentional harm if
> > there is a fear of getting caught. Having a signed agreement with credit
> > card and contact information is a strong social and psychological
> > deterrent."
>
> Agreed that we can't do the $1 charge, but there is another possible
> route to the same psychological deterrent, and that is "we need
> financial information if you want to receive donations for your app".
> It's completely optional, but does give us a higher level of confidence
> in the developer who chooses to sign up for it. (This feature will be
> enabled for the software center anyway, so we'd just be riding on
> existing infrastructure.)
>
> Allison
More information about the App-review-board
mailing list