Re: Bits (Nybbles?) from the Vancouver release team meeting

To: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
Cc: Sven Luther <sven.luther@wanadoo.fr>, Thomas Bushnell BSG <tb@becket.net>, debian-devel@lists.debian.org
Subject: Re: Bits (Nybbles?) from the Vancouver release team meeting
From: Sven Luther <sven.luther@wanadoo.fr>
Date: Mon, 14 Mar 2005 19:15:49 +0100
Message-id: <[🔎] 20050314181549.GD17820@pegasos>
In-reply-to: <[🔎] 87ekeii0na.fsf@informatik.uni-tuebingen.de>
References: <20050314044505.GA5157@mauritius.dodds.net> <[🔎] Pine.LNX.4.62.0503140721080.4772@wr-linux02> <[🔎] 20050314073645.GA18997@quetzlcoatl.dodds.net> <[🔎] 20050314094629.GB6974@pegasos> <[🔎] 87is3u7cyn.fsf@becket.becket.net> <[🔎] 20050314101155.GI6974@pegasos> <[🔎] 87ekeii0na.fsf@informatik.uni-tuebingen.de>

On Mon, Mar 14, 2005 at 06:43:21PM +0100, Goswin von Brederlow wrote:
> Sven Luther <sven.luther@wanadoo.fr> writes:
> >> Where human delay did come into play was in getting the xfree86 mess
> >> cleaned; in theory it should have taken one or two days, but in
> >> practice it took much longer.
> >
> > Why not fully eliminate the human factor ? Ubuntu does automated build from
> > source only uploads, the package sources are built and signed by a developer,
> > autobuilt on all arches, and i don't believe they are individually signed
> > after that.
> 
> Security reasons?

Hum, ...

so the buildd admin really examine all the packages for deviation that a
compromised buildd could have incorporated before signing them ? Or that they
scan the machine for a compromise and always detect them before signing ? 

I seriously doubt that this may be a criteria, and as said, ubuntu does it, so
we could work something out as well if the will was there for that.

Friendly,

Sven Luther

Reply to:

Follow-Ups:
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Wouter Verhelst <wouter@grep.be>

References:
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Andreas Tille <tillea@rki.de>
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Steve Langasek <vorlon@debian.org>
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Sven Luther <sven.luther@wanadoo.fr>
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Thomas Bushnell BSG <tb@becket.net>
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Sven Luther <sven.luther@wanadoo.fr>
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>

Prev by Date: Re: Bits (Nybbles?) from the Vancouver release team meeting
Next by Date: Re: Bits (Nybbles?) from the Vancouver release team meeting
Previous by thread: Re: Bits (Nybbles?) from the Vancouver release team meeting
Next by thread: Re: Bits (Nybbles?) from the Vancouver release team meeting
Index(es):
- Date
- Thread