Re: Rebuilding packages on *all* architectures
On Mon, 20 Sep 2004 06:15, martin f krafft <madduck@debian.org> wrote:
> I want to add another point to this discussion. While we cannot
> prevent malicious maintainers from installing to the archives or
> poisoning the buildds, requiring all binaries to be remade on the
> buildds would rule out the possibility that an trojaned maintainer's
> machine would cause infected software to be distributed in the
> archives.
>
> Security it not absolute. But requiring all architectures to be
> rebuilt does add a significant amount of security, IMHO.
Requiring all packages to be rebuilt will prevent the binary from not matching
the source.
But what if the source is modified? Taking over a DD's machine and modifying
the source tree that is used to make the .diff.gz shouldn't be impossible.
We don't have any source auditing processes that could deal with this.
--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
Reply to: