On Mon, Sep 21, 2015 at 1:01 PM, Owen Taylor <otaylor redhat com> wrote:
Do we trust this code or not? If not, we should either a) sandbox it or b) delete it.
Moving less-trusted loaders into a separate repo is a blame-the-user or blame-the-os-vendor move, depending on who installs them onto the system.
The only way to prevent the blame game you mention in a typical distribution where everything is installed through packages would be to stop supporting out-of-tree modules entirely, if I interpret your concern correctly.
My point is that as long as that's the case, at least maintaining them in a central location gives people an aggregation point for fixes.