Re: fakeroot a solution for multi-architecture building?
On Mon, 29 Sep 1997, Andreas Jellinghaus wrote:
> > For the builds to be possible automatically, this private
> > key has to be available somewhere on alpha-build in plaintext[1].
>
> you could enter the phrase to a program. this way you can only get the
> phrase if you access /dev/kmem. yes, this problem exist.
>
> summary : if you can't trust root on the build machine, you can't trust
> the packages it builds. for me it is the same deal like with all debian
> developers : i have to trust them and their machines.
>
> i see no difference. of course it will be easier to break into a build
> machine to add trojan horse, but master is even a better target.
>
> i agree with you : the build machines have to be safe.
Agreed.
One way to keep the AutoBuild machines more secure, would be to put the
archive, and its builder scripts on their own partition. The general rule
would be that this partition is not mounted and not referenced in fstab or
elsewhere. When the archive needs updating and build performed, the
partition get's mounted by a "real" human being, who feels secure in the
system (checked for breakins). After the builds get uploaded to master,
the partition get's unmounted, and all is "secure" again.
I agree that the machine should be given a pgp key, but an individual
should be the party responsible for its invocation. A vulnerable machine
with its activities determined by a set of cron jobs is not something we
should "identify" as a "developer".
Luck,
Dwarf
--
_-_-_-_-_-_- _-_-_-_-_-_-_-
aka Dale Scheetz Phone: 1 (904) 656-9769
Flexible Software 11000 McCrackin Road
e-mail: dwarf@polaris.net Tallahassee, FL 32308
_-_-_-_-_-_- If you don't see what you want, just ask _-_-_-_-_-_-_-
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: