Re: Official Debian digital 'branding' of debs
Hi,
>>"Nicolás" == Nicolás Lichtmaier <nick@debian.org> writes:
Nicolás> Ok.. I agree, but:
>> c) You trust the debian developer team (since they are the ones who
>> are creating the packages.
Nicolás> I'd like to bring this issue.
Nicolás> I've always thought that we need to migrate to autobuild everything,
Nicolás> because of security.
Autobuilding is inherently insecure -- any automated process
in a critical path increases the risk. And who maintains the
integrity of the automated system? Who shall go through the reams of
software on the system? how do we know software is not corrupted on
the target machine?
Nicolás> I don't like the current status when a maintainer can
Nicolás> upload a binary that doesn't match the source. If we had an
Nicolás> autobuild daemon for everything, we could audit
Nicolás> everything... sbdy could check from backdoors in every
Nicolás> source file.. but now that's imposible...
That would be impossible, due to the size of task involved. We
are already at the point that if you can't trust the developers,
there is little that can be realistically done.
manoj
I am not opposed to increasng security, I am just in favour of
realistic measures
--
As I approached the intersection a stop sign suddenly appeared in a
place where no stop sign has ever appeared before. I was unable to
stop in time to avoid the accident.
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
Reply to: