robbat2 08/10/28 07:45:07

Modified: glep-0057.txt
Log:
Fix references to other GLEPs in the series and headers.

Revision Changes Path
1.2 xml/htdocs/proj/en/glep/glep-0057.txt

file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/proj/en/glep/glep-0057.txt?rev=1.2&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/proj/en/glep/glep-0057.txt?rev=1.2&content-type=text/plain
diff : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/proj/en/glep/glep-0057.txt?r1=1.1&r2=1.2

Index: glep-0057.txt |
=================================================================== |
RCS file: /var/cvsroot/gentoo/xml/htdocs/proj/en/glep/glep-0057.txt,v |
retrieving revision 1.1 |
retrieving revision 1.2 |
diff -p -w -b -B -u -u -r1.1 -r1.2 |
--- glep-0057.txt 21 Oct 2008 23:30:47 -0000 1.1 |
+++ glep-0057.txt 28 Oct 2008 07:45:07 -0000 1.2 |
@@ -1,13 +1,14 @@ |
GLEP: 57 |
Title: Security of distribution of Gentoo software - Overview |
-Version: $Revision: 1.1 $ |
-Last-Modified: $Date: 2008/10/21 23:30:47 $ |
+Version: $Revision: 1.2 $ |
+Last-Modified: $Date: 2008/10/28 07:45:07 $ |
Author: Robin Hugh Johnson <robbat2@g.o> |
Status: Draft |
Type: Informational |
Content-Type: text/x-rst |
Created: November 2005 |
Updated: May 2006, October 2006, Novemeber 2007, June 2008, July 2008, October 2008 |
+Post-History: |
|
Abstract |
======== |
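Review bot: The `Updated:` context line in this header still reads "Novemeber 2007"; since the header block is being edited in this commit, correct it to "November 2007" at the same time. The new `Post-History:` field is also added with no value, so either fill in the posting dates or state in the log message that it is intentionally empty for now.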
@@ -105,10 +106,10 @@ security needs to be implemented: |
- Tree and distfile distribution from Infrastructure to Users, via the |
mirrors (this includes both HTTP and rsync distribution). |
|
-Both processes need their security improved. In [GLEPxx+2] we will discuss |
+Both processes need their security improved. In [#GLEPxx+2] we will discuss |
how to improve the security of the first process. The relatively |
speaking simpler process of file distribution will be described in |
-[GLEPxx+1]. Since it can be implemented without having to change the |
+[#GLEP58]. Since it can be implemented without having to change the |
workflow and behaviour of developers we hope to get it done in a |
reasonably short timeframe. |
|
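Review bot: Both rewritten references in this hunk, `[#GLEPxx+2]` and `[#GLEP58]`, lack the trailing underscore that reStructuredText requires for a footnote reference, and the header declares `Content-Type: text/x-rst`. Written as `[#GLEP58]_` (and likewise for the other label) they link to a footnote target of the same name; as committed they render as literal bracketed text.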
@@ -150,7 +151,7 @@ modifications to our development process |
fully authorized to provide materials for distribution. Partial |
protection can be gained by Portage and Infrastructure changes, but the |
real improvements needed are developer education and continued |
-vigilance. This is further discussed in [GLEPxx+2]. |
+vigilance. This is further discussed in [#GLEPxx+2]. |
|
This security is still limited in scope - protection against compromised |
developers is very expensive, and even complex systems like peer review |
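Review bot: `[#GLEPxx+2]` on the changed line is still a placeholder label, while the sibling reference elsewhere in this patch was resolved to a real number (`[#GLEP58]`). The log message says the references to other GLEPs in the series are fixed, so substitute the assigned GLEP number here, or say in the log that this one has not been assigned yet.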
@@ -165,7 +166,7 @@ cannot be complete (as the User may be a |
that Gentoo infrastructure and the mirrors are not a weak point. This |
objective is actually much closer than it seems already - most of the |
work has been completed for other things!. This is further discussed in |
-[GLEP58]. As this process has the most to gain in security, and the |
+[#GLEP58]. As this process has the most to gain in security, and the |
most immediate impact, it should be implemented before or at the same |
time as any changes to process #1. Security at this layer is already |
available in the signed daily snapshots, but we can extend it to cover |
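Review bot: The context line directly above the changed reference ends with "for other things!.", which carries doubled end punctuation; drop one of the two marks while this paragraph is being touched. The reference on the `+` line is the same `[#GLEP58]` label used earlier in the patch, so whatever form is settled on for that label should be applied identically here.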