On Thu, Mar 7, 2013 at 9:34 AM, R. Mattes <rm@mh-freiburg.de> wrote:


Iff you protection against this kind of exploits you pretty much need to audit you
code base or use distributions that use signed packages. Trust your
distribution or
audit, those are the only options you have.

Given that I'd much prefer that people did NOT get Ardour from their Linux distribution, I'd prefer that they trust me.  That way they can at least the screw ups that several major distributions manage to inject into Ardour whenever they package it.

--p