[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Trust in the Debian Build Process

On 16 Nov 1998, Thomas Roessler wrote:
[snip]
> Centralize the actual build process. Use a well-defined and
  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Are you saying we should all build on master? Or even a group of machines
under master? Even the Novare guys who physically host many of our
machines must have root access to i.e. shut it down for hardware upgrades,
etc.

Most of the Debian developers build on machines controlled my them,
meaning _they_ are the only ones with root access. So a BOFH shared libs
attack would not work. Why damage your own system? But now, the "malicious
developer" is a valid point. Usually they are caught and
execut^H^H^H^Hpelled from the Debian project.

> well-secured set of machines for automatically building the binary
> packages.  Sign the generated binary packages with a central code
> signing key.  Have the maintainers sign the diff files they submit.
> Provide digital signatures for the source tar balls.
[snip]


--
Robert S. Edmonds
+-------------------------------------------------------+
| Debian developer         |      http://www.debian.org |
| Freshmeat staff member   |       http://freshmeat.net |
| NetWinder developer      |   http://www.netwinder.org |
| stu@novare.net           |    http://www.stu.ddns.org |
+-------------------------------------------------------+
VFS: Busy inodes after unmount. Self-destruct in 5 seconds.  Have a nice day...
Reply to: