Successfully attacking ALL individual developers, each with their own individual security weaknesses, seems to me more costly than attacking a single known publicly run instance like tag2upload or Salsa.
The thing is, you don't need to hack ALL of them to succeed. You only need one – the one with the worst security-to-usefulness (to the attacker) ratio, as XZ amply demonstrated. At that point it's game over.
Also, we can audit t2u if we decide to. We can write a second implementation, in a different language and using a different container runtime for running dgit, and verify that the output is the same. Or we can implement the task in dak directly.
We can harden the container. Heck, we can even use a separate computer if we decide that VMs aren't good enough, do a hard reboot between packages, and use dm-verity to ensure that its disk isn't tampered with, but that's way beyond what our buildds are doing, so probably overkill.
We cannot audit (not as easily, anyway) source packages that get built on some DD's laptop.
-- regards -- Matthias Urlichs