On Thu, Mar 7, 2013 at 9:34 AM, R. Mattes <rm(a)mh-freiburg.de> wrote:
Iff you protection against this kind of exploits you
pretty much need to
audit you
code base or use distributions that use signed packages. Trust your
distribution or
audit, those are the only options you have.
Given that I'd much prefer that people did NOT get Ardour from their Linux
distribution, I'd prefer that they trust me. That way they can at least
the screw ups that several major distributions manage to inject into Ardour
whenever they package it.
--p