Re: Recompilation of ALL Debian packages ...
martin f krafft <firstname.lastname@example.org> writes:
> also sprach Russ Allbery <email@example.com> [2006.09.02.0141 +0200]:
>> I honestly think the security argument for doing this is silly.
> Clients do not want to hear something like that.
People frequently don't want to hear that ideas they've latched on to
don't really have much basis in fact. If I were expressing that directly
with a client, I would probably use a softer expression of the idea than
"silly," of course. I would, however, not want to let someone keep the
notion that binaries are dangerous but source code is somehow safer. It's
not true (at least in any significant sense), nor is it true that
source-only uploads provide any more accountability than the system we
Source-code trojans are more dangerous because people fear binaries but
think that if they've compiled it, it's fine, when the only real
distinction is between code that's been audited and code that hasn't.
Binaries built and uploaded by a maintainer who audits the upstream code
are significantly safer than uncompiled source code uploaded by a
maintainer who doesn't.
You're probably not going to convince me on this, so it may not be worth
wasting time on arguing about it when we both agree on the fundamental
Russ Allbery (firstname.lastname@example.org) <http://www.eyrie.org/~eagle/>