Marc Ballarin <Ballarin.Marc@×××.de> wrote:

> The further problem is responsibility. A source package on an external
> project's server is trojaned. A Gentoo developer signs the ebuild and
> the source code. The trojan is discovered. Now, what should happen?
> The developer has claimed implicitly, through his signature, that the
> package is correct.
> What do you do? Call the developer a liar, just lazy, or do you even
> understand and accept the situation?
> In any case, you can no longer trust this developer's signature; in fact
> you never could.

Not so. Either you can't trust the developer, in which case his or
her signature _can_ be trusted (within reason) as an indication of
trouble; or it's just one of those things. Everyone makes a mistake
now and then, and no cryptography can stop that. And at least you
know (within reason) where the package came from, making analysis
after the fact simpler.


--
Barry.Schwartz@×××××××××××××.org http://www.chemoelectric.org
If nothing is beneath them, and they control the machines of
election, and if we know these things, then what fools are we who
accept the election and plan for another like it?

--
gentoo-security@g.o mailing list