# overlays security

## krotuss

Hi, does installing software from overlays (layman -L) pose additional significant security risk? Does gentoo perform any screening on content and persons managing those overlays?

----------

## Ant P.

Gentoo doesn't even QA half the stuff that goes in the official repo...

----------

## krotuss

Thanks, does gentoo at least authenticate (online) identity of people that maintain those overlays, or just about anybody can get his overlay listed? Is installing ebuild from listed overlays at least more secure than installing some "random" ebuild found "somewhere" on internet?

----------

## Ant P.

People need at least a working email address to submit their repo via the bug tracker, and there are rules for inclusion here.

----------

