❦ 24 August 2015 22:30 +0100, Colin Tuckley <colint@debian.org>:

>> We have pushed other archive-wide goals that were not shared by
>> all upstreams. For example, we have enabled hardening build flags
>> on almost all packages and for packages that don't obey the
>> appropriate flags, bugs with severity "important" were filed.
>> That's not that different from a reproducible build.
>
> Sorry, but it's a *completely* different situation. The hardening
> initiative made applications more secure and tamper resistant. The r-b
> changes do nothing useful post-build.

Letting people independently check that the builds are not tampered with
is also a security application of reproducible builds. This is notably
important for the binary packages that have been built on a maintainer
machine instead of a builder.
-- 
Write and test a big program in small pieces.
            - The Elements of Programming Style (Kernighan & Plauger)