On Tue, 2017-10-31 at 15:58 +0000, Steve McIntyre wrote: [...] > On Wed, Oct 11, 2017 at 09:48:46PM -0300, Helen Koike wrote: [...] > > Is this solution acceptable? If we have an easy way to revoke, then we > > can easily undo an attacker's work. We can sign everything automatically > > (if the package is in a whitelist) without the need for the ftp masters > > to review each upload manually. > > Right. Wanting to go the revocation route would depend on the > development of yet more new software features. But: this is not > something that any of the other SB-supporting distros seem to be > caring about so far so I don't think it's something we should have to > implement as a pre-requisite. [...] As I understand it, SUSE has implemented some kind of downgrade prevention. Ben. -- Ben Hutchings Beware of programmers who carry screwdrivers. - Leonard Brandwein
Attachment:
signature.asc
Description: This is a digitally signed message part