
Re: Raising the severity of reproducibility issues to "important"



 ❦ 24 August 2015 22:30 +0100, Colin Tuckley <colint@debian.org>:

>> We have pushed other archive-wide goals that were not shared by
>> all upstreams. For example, we have enabled hardening build flags
>> on almost all packages and for packages that don't obey the
>> appropriate flags, bugs with severity "important" were filed.
>> That's not that different from a reproducible build.
>
> Sorry, but it's a *completely* different situation. The hardening
> initiative made applications more secure and tamper resistant. The r-b
> changes do nothing useful post-build.

Letting people independently check that the builds are not tampered with is
also a security application of reproducible builds. This is notably
important for the binary packages that have been built on a maintainer
machine instead of a builder.
-- 
Write and test a big program in small pieces.
            - The Elements of Programming Style (Kernighan & Plauger)
