| 1 |
Marc Ballarin <Ballarin.Marc@×××.de> wrote: |
| 2 |
> The further problem is responsibility. A source package on an external |
| 3 |
> project's server is trojaned. A Gentoo developer signs the ebuild and |
| 4 |
> the source code. The trojan is discovered. Now, what should happen? |
| 5 |
> The developer has claimed implicitly, through his signature, that the |
| 6 |
> package is correct. |
| 7 |
> What do you do? Call the developer a liar, just lazy, or do you even |
| 8 |
> understand and accept the situation? |
| 9 |
> In any case, you can no longer trust this developers signature, in fact |
| 10 |
> you never could. |
| 11 |
|
| 12 |
Not so. Either you can't trust the developer, in which case his or |
| 13 |
her signature _can_ be trusted (within reason) as an indication of |
| 14 |
trouble; or it's just one of those things. Everyone makes a mistake |
| 15 |
now and then, and no cryptography can stop that. And at least you |
| 16 |
know (within reason) where the package came from, making analysis |
| 17 |
after the fact simpler. |
| 18 |
|
| 19 |
|
| 20 |
-- |
| 21 |
Barry.Schwartz@×××××××××××××.org http://www.chemoelectric.org |
| 22 |
If nothing is beneath them, and they control the machines of |
| 23 |
election, and if we know these things, then what fools are we who |
| 24 |
accept the election and plan for another like it? |
| 25 |
|
| 26 |
-- |
| 27 |
gentoo-security@g.o mailing list |
Archives