Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-dev
Navigation:
Lists: gentoo-dev: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-dev@g.o
From: Spider <spider@g.o>
Subject: Re: Tree breakage
Date: Fri, 2 Apr 2004 11:05:28 +0200
begin  quote
On Thu, 1 Apr 2004 17:16:02 -0500
Mike Frysinger <vapier@g.o> wrote:

>  and the reason i mentioned  before is that manifests mean nothing ...
> the 'security' they were designed to offer is non existent and as
> such, i  never felt they were worth regenerating


Well they do mean some things.
a) They block retarded rsync mirror issues from breasking compilations
and other such. (theres been a lot of such cases from time to time,
single-char errors that munge)

b) The manifests are checked with new portage, that means that all the
times you break this, others are caught with an hard error that will
refuse to merge it since the Manifest doesn't match.

I never thought that it was a security solution as things are,  I don't
treat it as that. I see it as an infrastructure solution to prevent
issues with transfers, Modified ebuilds / Conflicts or rsync server
bangups.  

If/when they are signed it is a security solution, but right now its
infrastructure.  And I'm annoyed that people break said sanitychecks.



//Spider


-- 
begin  .signature
Tortured users / Laughing in pain
See Microsoft KB Article Q265230 for more information.
end
Attachment:
pgpfnlEToKcJT.pgp (PGP signature)
References:
Tree breakage
-- Spider
Re: Tree breakage
-- Mike Frysinger
Navigation:
Lists: gentoo-dev: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: Tree breakage
Next by thread:
Re: Tree breakage
Previous by date:
Re: separate debug information
Next by date:
Re: Tree breakage


Updated Jun 17, 2009

Summary: Archive of the gentoo-dev mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.