
Re: Official cloud image requirements



On Sat, Jun 06, 2020 at 11:37:17AM +0200, Emmanuel Kasper wrote:
> 
> AFAIK there is general consensus amongst us that we want the cloud
> images to be built on the Debian infrastructure, not on the cloud
> provider infrastructure.

Hi Emmanuel,

just for the record, here is what you added:

* '''E. all cloud-related images have to be built on Debian
  infrastructure''' (for instance Salsa, Casulana, Patterson machines).
  This is to avoid risks that some cloud providers might inject their
  code.

I do not oppose the requirement, but I have a long-standing question
that I asked when we were criticised for building Amazon images on the
Amazon cloud, and that was never answered:

 -> When a cloud provider can inject some code at build time, isn't it
 as easy for it to inject the code at run time, or to instantiate virtual
 machines with a tampered image while pretending to use the official
 one?

Again, there are other advantages anyway to centralise image building.
But a more comprehensive risk assessment of running our official images
in untrusted clouds would be neat.

And the answer is not urgent of course, thus,

Have a nice week-end :)

(By the way, my email server where my @debian messages transit has been hosted
in the Amazon cloud since I moved into a building where self-hosting is
difficult, not only because of network congestion, but also because of heat and
humidity!)

-- 
Charles Plessy
Akano, Uruma, Okinawa, Japan

