Re: MIPS port backlog, autobuilder machines and some arrogance

[Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>]

ij@ax.westfalen.de writes:

> In article <SQZL.2pM.15@gated-at.bofh.it> you wrote:
> >> Not quite. Ingo is volunteering to provide a MIPS buildd, but since he's
> >> not a Debian Developer, he can't handle its logs. Thus, he's asked me,
> > Its intresting to note that Debian trusts several NMs and normal users
> > to host and maintain their buildds (giving them access to silently
> > backdoor every deb thats build there) but not enough to make them DDs.
> 
> Hmmm, well, to become a DD I would have to apply as a DD, right? And that´s
> what I´m trying to avoid for some certain reasons. 
> Regarding the backdoor issue... you have not the guarantee that even
> certified DDs don´t do this, as well as I don´t have a guarantee that the
> developers that have an account on that machine don´t do something harmfull
> with that... ;))

DDs have to sign and upload a package with a backdoor.

On the buildd I can install a gcc or other tool that will silently add
a backdoor to anything getting compiled and the buildd admin will sign
and upload the package for me.

Much more anonymous.

MfG
        Goswin