
Re: Rebuilding packages on *all* architectures



I want to add another point to this discussion. While we cannot
prevent malicious maintainers from installing to the archives or
poisoning the buildds, requiring all binaries to be remade on the
buildds would rule out the possibility that a trojaned maintainer's
machine would cause infected software to be distributed in the
archives.

Security is not absolute. But requiring all architectures to be
rebuilt does add a significant amount of security, IMHO.

-- 
Please do not CC me when replying to lists; I read them!
 
 .''`.     martin f. krafft <madduck@debian.org>
: :'  :    proud Debian developer, admin, and user
`. `'`
  `-  Debian - when you have better things to do than fixing a system
 
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!

Attachment: signature.asc
Description: Digital signature

