I don't think we need any security team for Arch. New packages are released within a week of their updates. GPG signing and md5sum verification is a must though. -- Nilesh Govindarajan Site & Server Administrator www.itech7.com