Re: Recompilation of ALL Debian packages ...
Henrique de Moraes Holschuh <hmh@debian.org> wrote:
> > - Eliminate the wait for the buildd for the first architecture.
>
> Not acceptable.
Rather, you would not find that acceptable.
> It will cause a time window where a trojaned binary package
> might be active,
True.
> and since it would later have a new clean one replacing it,
> it would be even worse to detect the problem.
>
> If you are to replace the uploaded binary debs with ones rebuilt from
> source, do it right: do not install the "untrusted" binary debs to the
> archive anywhere, and don't let them get to incoming.d.o, either.
I would rather that Debian offered users the choice of a more timely
binary compiled by the DD or a later binary compiled by a buildd.
>> - Allow an automated comparison of the two .debs.
>
>This is worth doing, but difficult to get right.
Having both versions available would help in diagnosing any
differences, especially while the comparison utility was still being
tuned.
- Jim Van Zandt
Reply to: