Re: Using buildds only (was: Results of the meeting...)

To: debian-devel@lists.debian.org
Subject: Re: Using buildds only (was: Results of the meeting...)
From: Hamish Moffatt <hamish@debian.org>
Date: Tue, 23 Aug 2005 08:48:11 +1000
Message-id: <[🔎] 20050822224811.GA6803@cloud.net.au>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 1124719727.4309dc6f0b082@webmail.in-berlin.de>
References: <20050821015824.GT16930@country.grep.be> <[🔎] 4308B9D7.4050305@jones.dk> <[🔎] 20050822062417.GA16866@localhost.localdomain> <[🔎] 1124700358.430990c6b8240@webmail.in-berlin.de> <[🔎] 20050822122242.GA32115@hezmatt.org> <[🔎] 20050822133140.GB32258@piware.de> <[🔎] 20050822134758.GA1326@cloud.net.au> <[🔎] 1124719727.4309dc6f0b082@webmail.in-berlin.de>

On Mon, Aug 22, 2005 at 04:08:47PM +0200, W. Borgert wrote:
> Quoting Hamish Moffatt <hamish@debian.org>:
> > There is the possibility that developer builds get extra features
> > enabled due to other installed libraries etc. This could be checked for
> > by analysing the packages files for different architectures or similar.
> 
> This is a really nice idea: A DD with a strange sense of humour
> could "enable an extra feature" in their binary package, that is
> not in the source code - at least not in the uploaded source.
> Could be a virus, a Trojan horse, a root kit, a time-bomb.  As
> >= 95% of our users have i386, it's easy to generate nice damage.

That isn't what I meant. I meant that the developer might have some
other installed package found by configure and used, which wouldn't be
present in the clean buildd environment.

It may be possible to compare the dependencies of each package across
architectures to detect this - not at upload time, but asynchronously.
(Developers do plenty of other such archive-wide tests now and report
back through the BTS, debian-devel etc.)

Hamish
-- 
Hamish Moffatt VK3SB <hamish@debian.org> <hamish@cloud.net.au>

Reply to:

Follow-Ups:
- Re: Using buildds only
  - From: Bernd Eckenfels <ecki@lina.inka.de>

References:
- Re: Results of the meeting in Helsinki about the Vancouver proposal
  - From: Jonas Smedegaard <dr@jones.dk>
- Re: Results of the meeting in Helsinki about the Vancouver proposal
  - From: Sven Luther <sven.luther@wanadoo.fr>
- Using buildds only (was: Results of the meeting...)
  - From: "W. Borgert" <debacle@debian.org>
- Re: Using buildds only (was: Results of the meeting...)
  - From: Matthew Palmer <mpalmer@debian.org>
- Re: Using buildds only (was: Results of the meeting...)
  - From: Martin Pitt <mpitt@debian.org>
- Re: Using buildds only (was: Results of the meeting...)
  - From: Hamish Moffatt <hamish@debian.org>
- Re: Using buildds only (was: Results of the meeting...)
  - From: "W. Borgert" <debacle@debian.org>

Prev by Date: Re: vancouver revisited
Next by Date: How coldplug works
Previous by thread: Re: Using buildds only (was: Results of the meeting...)
Next by thread: Re: Using buildds only
Index(es):
- Date
- Thread