[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Recompilation of ALL Debian packages ...

Henrique de Moraes Holschuh <hmh@debian.org> wrote:
>   >  - Eliminate the wait for the buildd for the first architecture.
>   Not acceptable.

Rather, you would not find that acceptable.

>   It will cause a time window where a trojaned binary package
>   might be active, 


>   and since it would later have a new clean one replacing it,
>   it would be even worse to detect the problem.
>   If you are to replace the uploaded binary debs with ones rebuilt from
>   source, do it right: do not install the "untrusted" binary debs to the
>   archive anywhere, and don't let them get to incoming.d.o, either.

I would rather that Debian offered users the choice of a more timely
binary compiled by the DD or a later binary compiled by a buildd.

>>  - Allow an automated comparison of the two .debs.  
>This is worth doing, but difficult to get right.

Having both versions available would help in diagnosing any
differences, especially while the comparison utility was still being

            - Jim Van Zandt

Reply to: