
Re: Signing Packages.gz



On Mon, Apr 03, 2000 at 01:46:22PM +0200, Robert Bihlmeyer wrote:
> Anthony Towns <aj@azure.humbug.org.au> writes:
> > Users don't have enough information to make such a decision, however.
> > How do they know if James allowed a particular NMU to be made, [...]
> It would probably be better to let this essential package be
> maintained by a small team.

It's generally much better to design better technical solutions that
work with the current structure of Debian, than try to change the way
Debianites work because your technical tools are inadequate.

Seriously. The latter might get accepted, but in the end it'll just be
pointless extra bureaucracy that'll frustrate people until they start
blithely ignoring it.

</philosophy-of-debian>

> > And if he's already compromised your local mirror, and decides that no
> > one needs an updated debian-keyring, or any of those irritating bugfree
> > packages?
> This is a problem, that is not solved by a signed Packages.gz. If
> some package has an exploit (through malice or because of the usual
> oversight), somebody controlling a mirror can always prevent updates
> from filtering down.

With signed Packages.gz it's an all or nothing situation though (actually,
with a signed index, it's even more of an all or nothing situation: you
either get *all* the distributions you distribute updated, or *none* of
them). Without them, you can pick and choose, which makes things harder
to notice among other things.

Cheers,
aj

-- 
Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. GPG encrypted mail preferred.

 ``The thing is: trying to be too generic is EVIL. It's stupid, it 
        results in slower code, and it results in more bugs.''
                                        -- Linus Torvalds
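
The all-or-nothing property described in the message above, as an added example that is not part of the original post: a client that checks a signature over the whole index rejects a mirror that holds back one package, and the only thing the mirror can still serve is the entire old index. The index format, package versions, key and function names are constructed for illustration, and HMAC stands in for the archive's PGP signature so the block runs with the standard library only.

```python
import hashlib
import hmac

# Constructed key: HMAC is a stand-in for the PGP signature on the index.
ARCHIVE_KEY = b"constructed-demo-key"

def sign_index(index_text: str) -> str:
    """Archive side: sign the complete index text."""
    return hmac.new(ARCHIVE_KEY, index_text.encode(), hashlib.sha256).hexdigest()

def client_accepts(index_text: str, signature: str) -> bool:
    """Client side: accept the index only if the signature covers all of it."""
    return hmac.compare_digest(sign_index(index_text), signature)

def parse_index(index_text: str) -> dict:
    """Parse constructed 'name version' lines into {name: version}."""
    return dict(line.split() for line in index_text.splitlines() if line.strip())

def stale_packages(served: str, current: str) -> list:
    """Names whose served version differs from the archive's current one."""
    cur = parse_index(current)
    return sorted(n for n, v in parse_index(served).items() if cur.get(n) != v)

# Constructed sample indexes (simplified, not the real Packages format).
OLD_INDEX = "debian-keyring 1.0\nlibfoo 2.3\n"
NEW_INDEX = "debian-keyring 1.1\nlibfoo 2.4\n"
OLD_SIG = sign_index(OLD_INDEX)
NEW_SIG = sign_index(NEW_INDEX)

def mirror_pick_and_choose() -> tuple:
    """Mirror passes on the libfoo update but holds back debian-keyring."""
    return "debian-keyring 1.0\nlibfoo 2.4\n", NEW_SIG

def mirror_all_or_nothing() -> tuple:
    """Mirror replays the entire old index with its genuine old signature."""
    return OLD_INDEX, OLD_SIG

if __name__ == "__main__":
    for name, serve in (("pick and choose", mirror_pick_and_choose),
                        ("all or nothing", mirror_all_or_nothing)):
        index, sig = serve()
        print(name, "| accepted:", client_accepts(index, sig),
              "| stale:", stale_packages(index, NEW_INDEX))
```

The selectively edited index fails verification, while the replayed old index verifies but leaves every package stale at once, which is the case the message argues is easier to notice.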
