Re: buildds: "Authentication warning overridden."
Michael Banck wrote:
> Won't somebody else stop the attack in their place then, who does check
> the signatures?
If a mirror is compromised, unless I'm missing something, it won't be
updated until ftp-master sends a mirror push. And the period of time
between the last mirror push, the compromise and the next mirror push might
be enough for a buildd to download a compromised package.
The buildd owners would be unable to know that the mirror they use was
compromised and thus they would probably sign a .changes file for a package
which might also be compromised (introducing a signature-verified
compromised package in the archive, affecting all users).
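To make the "would be unable to know" point concrete, here is an added example (not code from this thread or from the Debian buildd/apt tooling) of the checksum chain a buildd would have to walk before trusting a .deb from a mirror: the SHA256 entry in the Release file vouches for the Packages index, and the Packages stanza vouches for the .deb. The Release file's own signature (Release.gpg / InRelease, checked with the archive key) is assumed to have been verified separately and is not reproduced here; the archive metadata and .deb contents are constructed placeholders, and the package name "hello" and paths are hypothetical.

```python
import hashlib
import re

# Constructed sample data; not from any real Debian mirror.
GOOD_DEB = b"constructed: genuine hello_1.0_amd64.deb contents\n"
BAD_DEB = b"constructed: trojaned hello_1.0_amd64.deb contents\n"
PACKAGES_PATH = "main/binary-amd64/Packages"  # hypothetical index path


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def parse_release_sha256(release_text):
    """Return {path: (sha256, size)} from the SHA256 section of a Release file."""
    entries = {}
    in_section = False
    for line in release_text.splitlines():
        if line.startswith("SHA256:"):
            in_section = True
            continue
        if in_section:
            if not line.startswith(" "):
                break  # end of the indented checksum list
            digest, size, path = line.split()
            entries[path] = (digest, int(size))
    return entries


def parse_packages(packages_text):
    """Minimal parser: {Package: {field: value}} from a Packages index."""
    stanzas = {}
    for block in re.split(r"\n\s*\n", packages_text.strip()):
        fields = {}
        for line in block.splitlines():
            if ":" in line and not line.startswith(" "):
                key, value = line.split(":", 1)
                fields[key.strip()] = value.strip()
        stanzas[fields["Package"]] = fields
    return stanzas


def verify_chain(signed_release, packages_path, packages_bytes, deb_bytes, name):
    """Walk Release -> Packages -> .deb. Returns (ok, reason).

    signed_release is the Release text whose signature was already verified
    against the archive key (assumed done with gpg before calling this)."""
    release = parse_release_sha256(signed_release)
    if packages_path not in release:
        return False, "Packages index not listed in Release"
    expected, size = release[packages_path]
    if len(packages_bytes) != size or sha256_hex(packages_bytes) != expected:
        return False, "Packages index does not match signed Release"
    pkgs = parse_packages(packages_bytes.decode())
    if name not in pkgs:
        return False, "package not in index"
    fields = pkgs[name]
    if len(deb_bytes) != int(fields["Size"]) or sha256_hex(deb_bytes) != fields["SHA256"]:
        return False, ".deb does not match Packages index"
    return True, "ok"


def build_packages(deb):
    """Construct a one-stanza Packages index describing the given .deb bytes."""
    return (
        "Package: hello\n"
        "Version: 1.0\n"
        "Architecture: amd64\n"
        "Filename: pool/main/h/hello/hello_1.0_amd64.deb\n"
        f"Size: {len(deb)}\n"
        f"SHA256: {sha256_hex(deb)}\n"
    ).encode()


def build_release(packages):
    """Construct a Release file listing the given Packages index."""
    return (
        "Origin: Constructed\n"
        "Suite: unstable\n"
        "SHA256:\n"
        f" {sha256_hex(packages)} {len(packages)} {PACKAGES_PATH}\n"
    )


# The copies ftp-master signed at the last mirror push.
SIGNED_PACKAGES = build_packages(GOOD_DEB)
SIGNED_RELEASE = build_release(SIGNED_PACKAGES)


def scenarios():
    """Three mirror states as seen by a buildd that does verify the chain."""
    return {
        # untouched mirror
        "clean mirror": verify_chain(
            SIGNED_RELEASE, PACKAGES_PATH, SIGNED_PACKAGES, GOOD_DEB, "hello"),
        # attacker replaced only the .deb: caught by the Packages checksum
        "deb swapped only": verify_chain(
            SIGNED_RELEASE, PACKAGES_PATH, SIGNED_PACKAGES, BAD_DEB, "hello"),
        # attacker rewrote Packages to match the trojaned .deb, but cannot
        # re-sign Release: caught at the Release -> Packages step
        "deb and Packages swapped": verify_chain(
            SIGNED_RELEASE, PACKAGES_PATH, build_packages(BAD_DEB), BAD_DEB, "hello"),
    }


if __name__ == "__main__":
    for label, (ok, reason) in scenarios().items():
        print(f"{label}: {'OK' if ok else 'REJECT'} ({reason})")
```

A buildd that overrides the authentication warning skips exactly these checks, so in the window between mirror pushes both tampered states above would be built from and the resulting .changes signed with the buildd key.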