Re: Bug#241689: I'm going to NMU this

To: debian-devel@lists.debian.org
Subject: Re: Bug#241689: I'm going to NMU this
From: Sebastian Ley <sebastian.ley@mmweg.rwth-aachen.de>
Date: Tue, 31 Aug 2004 16:41:49 +0200
Message-id: <[🔎] 200408311641.51041.sebastian.ley@mmweg.rwth-aachen.de>
In-reply-to: <[🔎] 87k6vf8jdl.fsf@toncho.dhh.gt.org>
References: <E1C1QyD-00085t-2y@dual> <[🔎] 20040831130326.GK458@riva.ucam.org> <[🔎] 87k6vf8jdl.fsf@toncho.dhh.gt.org>

* John Hasler wrote:
> Colin Watson writes:
> > Do you not think it is important for sponsors to verify what they're
> > sponsoring against trojans? How do you propose to verify a lump of binary
> > data you've received?
>
> By receiving both binary and source, verifying as you would with a full
> upload, and then uploading only the binary?

And how do you ensure that the binary is built from the source you received?

Sebastian

-- 
PGP-Key: http://www.mmweg.rwth-aachen.de/~sebastian.ley/public.key
Fingerprint: A46A 753F AEDC 2C01 BE6E  F6DB 97E0 3309 9FD6 E3E6

Reply to:

References:
- Re: Bug#241689: I'm going to NMU this
  - From: Colin Watson <cjwatson@debian.org>
- Re: Bug#241689: I'm going to NMU this
  - From: John Hasler <john@dhh.gt.org>

Prev by Date: Re: Bug#241689: I'm going to NMU this
Next by Date: Re: Bug#241689: I'm going to NMU this
Previous by thread: Unofficial buildd network has been shut down
Next by thread: Re: Bug#241689: I'm going to NMU this
Index(es):
- Date
- Thread