Re: Official Debian digital 'branding' of debs

[Manoj Srivastava <srivasta@debian.org>]

Hi,
>>"Nicolás" == Nicolás Lichtmaier <nick@debian.org> writes:

 Nicolás> Ok.. I agree, but:
 >> c) You trust the debian developer team (since they are the ones who
 >> are creating the packages.

 Nicolás>  I'd like to bring this issue.

 Nicolás>  I've always thought that we need to migrate to autobuild everything,
 Nicolás> because of security.

        Autobuilding is inherently insecure -- any automated process
 in a critical path increases the risk. And who maintains the
 integrity of the automated system? Who shall go through the reams of
 software on the system? how do we know software is not corrupted on
 the target machine? 

 Nicolás>  I don't like the current status when a maintainer can
 Nicolás> upload a binary that doesn't match the source. If we had an
 Nicolás> autobuild daemon for everything, we could audit
 Nicolás> everything... sbdy could check from backdoors in every
 Nicolás> source file.. but now that's imposible...

        That would be impossible, due to the size of task involved. We
 are already at the point that if you can't trust the developers,
 there is little that can be realistically done.

        manoj
 I am not opposed to increasng security, I am just in favour of
 realistic measures
-- 
 As I approached the intersection a stop sign suddenly appeared in a
 place where no stop sign has ever appeared before. I was unable to
 stop in time to avoid the accident.
Manoj Srivastava   <srivasta@debian.org>  <http://www.debian.org/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E