1 |
begin quote |
2 |
On Thu, 1 Apr 2004 17:16:02 -0500 |
3 |
Mike Frysinger <vapier@g.o> wrote: |
4 |
|
5 |
> and the reason i mentioned before is that manifests mean nothing ... |
6 |
> the 'security' they were designed to offer is non existent and as |
7 |
> such, i never felt they were worth regenerating |
8 |
|
9 |
|
10 |
Well they do mean some things. |
11 |
a) They block retarded rsync mirror issues from breasking compilations |
12 |
and other such. (theres been a lot of such cases from time to time, |
13 |
single-char errors that munge) |
14 |
|
15 |
b) The manifests are checked with new portage, that means that all the |
16 |
times you break this, others are caught with an hard error that will |
17 |
refuse to merge it since the Manifest doesn't match. |
18 |
|
19 |
I never thought that it was a security solution as things are, I don't |
20 |
treat it as that. I see it as an infrastructure solution to prevent |
21 |
issues with transfers, Modified ebuilds / Conflicts or rsync server |
22 |
bangups. |
23 |
|
24 |
If/when they are signed it is a security solution, but right now its |
25 |
infrastructure. And I'm annoyed that people break said sanitychecks. |
26 |
|
27 |
|
28 |
|
29 |
//Spider |
30 |
|
31 |
|
32 |
-- |
33 |
begin .signature |
34 |
Tortured users / Laughing in pain |
35 |
See Microsoft KB Article Q265230 for more information. |
36 |
end |