Re: buildd hosts
On Thu, Apr 26, 2001 at 11:51:10AM -0700, Mike Fedyk wrote:
> On Thu, Apr 26, 2001 at 01:26:28PM -0500, Christian T. Steigies wrote:
> > On Thu, Apr 26, 2001 at 11:15:50AM -0700, Mike Fedyk wrote:
> > > On Thu, Apr 26, 2001 at 11:52:34AM -0500, Michael Shuey wrote:
> > > > I believe Mike isn't asking how I'd verify access for Debian developers on
> > > > my machine; he's asking how you Debian developers can prove that I haven't
> > > > modified my Mac to insert untrusted binaries into the distribution. Keep
> > > > in mind I'm not a Debian developer, so my PGP keys aren't on the official
> > > > keyring. I'm just some guy with a spare Mac. :-)
> > > >
> > > Yes, that's it exactly...
> > These days most packages are built in a chroot. You don't know what a chroot
> > is? How do you want to put untrusted binaries in it ;-)
> Yes, I know about chrooting, but not the intricacies of that environment.
> I've read about modified compiler binaries producing more modified binaries.
the old KT login story? This will never work in practice.
> > Basically, the buildd maintainer on that machine installs another system
> > from scratch which runs inside your running linux by downloading packages
> > from the debian servers or by unpacking a prepared chroot onto your machine.
> > We trust Michael when he built that chroot.tgz (as Michael trusts me when
> > Roman and James wrote buildd and sbuild). And maybe you trust me when I
> > built the last base.tgz...
> > I think it'd be rather hard for you to get untrusted binaries into the
> > building system, not impossible, but a complete waste of time (who would be
> > hit by untrusted binaries after all? Only the buildd machines, or does any
> > serious business run on m68ks?). I think if somebody wanted to play jokes on
> > us, he'd pick any arch but m68k... (this is not an invitation!).
> I know we're all volunteers, but this makes me wonder how hard it would be
> to really mess up the debian project like this. I'm probably not the first
> to think of this too.
pretty easy I would say, at least 99% chance it is a compiler or other bug
and not by intent. It seems to me that all distros are somewhat messed up