Note: Due to technical difficulties, the Archives are currently not up to date.
GMANE provides an alternative service for most mailing lists. c.f. bug 424647
begin quote
On Thu, 1 Apr 2004 17:16:02 -0500
Mike Frysinger <vapier@g.o> wrote:
> and the reason i mentioned before is that manifests mean nothing ...
> the 'security' they were designed to offer is non existent and as
> such, i never felt they were worth regenerating
Well they do mean some things.
a) They block retarded rsync mirror issues from breasking compilations
and other such. (theres been a lot of such cases from time to time,
single-char errors that munge)
b) The manifests are checked with new portage, that means that all the
times you break this, others are caught with an hard error that will
refuse to merge it since the Manifest doesn't match.
I never thought that it was a security solution as things are, I don't
treat it as that. I see it as an infrastructure solution to prevent
issues with transfers, Modified ebuilds / Conflicts or rsync server
bangups.
If/when they are signed it is a security solution, but right now its
infrastructure. And I'm annoyed that people break said sanitychecks.
//Spider
--
begin .signature
Tortured users / Laughing in pain
See Microsoft KB Article Q265230 for more information.
end
|
|
