On 08 Nov 2004 18:17:19 +0100
Peter Simons <simons@...> wrote:

> Dan Margolis writes:
> 
>  > [the Gentoo security process is] designed solely to
>  > promote the absolute best security we can offer, never to
>  > save face or gain marketshare.
> 
> Good. I have a proposal how to the security of the
> distribution could be enhanced by a bit. I have posted it 4
> times by now. It would be way cool if the proposal would
> find entry into the Gentoo security process so that a rather
> fundamental problem in the distribution process can be
> fixed. If there is a better way of doing things than what I
> have suggested, then I am all ears. Doing nothing, however,
> is not an answer I am prepared to accept and as of now I
> have no indication that this problem is being solved or even
> taken seriously.

The problem is that your proposal doesn't work for Gentoo as it's way
to centralized. You want to make a huge list with checksums for all
files and then sign that file. The major problem is that a) this list
would have to be regenerated at every commit or at least each rsync
update, b) signing would have to be automated which is pretty much a
no-go and c) it would have to be done on the cvs server or the master
rsync mirror, both are AFAIK already pretty loaded boxes. FYI: the rsync
update interval is 30 minutes and other actions have to be performed in
that window that probably interfere with the checksum generation.

Marius

-- 
Public Key at http://www.genone.de/info/gpg-key.pub

In the beginning, there was nothing. And God said, 'Let there be
Light.' And there was still nothing, but you could see a bit better.