| 1 |
-----BEGIN PGP SIGNED MESSAGE----- |
| 2 |
Hash: SHA512 |
| 3 |
|
| 4 |
On 12/28/2015 07:33 PM, Michał Górny wrote: |
| 5 |
> On Mon, 28 Dec 2015 21:24:14 +0300 trupanka@×××××.com wrote: |
| 6 |
> |
| 7 |
>> I’m suffering from the fact that users can distinguish packages |
| 8 |
>> containing binaries just by eye. There is no mechanism to |
| 9 |
>> allow/ignore such packages. For license restrictions we have |
| 10 |
>> ‘package.license/’ whitelist. |
| 11 |
>> |
| 12 |
|
| 13 |
.. |
| 14 |
|
| 15 |
> |
| 16 |
> And you already covered here how different the notion of 'binary' |
| 17 |
> (or rather, 'pre-built') can be. There could be pre-built stuff |
| 18 |
> that is arch-specific or otherwise of limited portability. There |
| 19 |
> could be pre-built stuff that is portable. There could be pre-built |
| 20 |
> stuff whose rebuilding isn't really meaningful at all. |
| 21 |
|
| 22 |
Sure it is, at least a reproducable build in order to compare and |
| 23 |
ensure no malware being installed. I'm reading this more from a |
| 24 |
security point of view than performance, and the question makes |
| 25 |
perfect sense. |
| 26 |
|
| 27 |
- -- |
| 28 |
Kristian Fiskerstrand |
| 29 |
Public PGP key 0xE3EDFAE3 at hkp://pool.sks-keyservers.net |
| 30 |
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 |
| 31 |
-----BEGIN PGP SIGNATURE----- |
| 32 |
|
| 33 |
iQEcBAEBCgAGBQJWg8pgAAoJECULev7WN52FTnYIAJoUrTdQCH4FkfvGR1HLIS0B |
| 34 |
SBg/GymkzWsWh0v2iTpW1RSG8R1fFbZn1sZwyKve5GOW+WaxQz5a5P731UiB5h5I |
| 35 |
cHiy9FfoCSpDadNqIVhyx+NMB10W1yiPoe7sea98ZtYsAWlrpAEbfHtvHVcfveNg |
| 36 |
HuxjAKu1cLil9XdZ9GHSMpEPcgq0LoKY2q3Mrq/J+XwUs1akSOa2NrX9QFSdpmJA |
| 37 |
hbustOWRqqLWkCXrDwau19J1LuM8HPFoiviA00qGmvOtp+RcZT+1NuHRYFCR4wI9 |
| 38 |
W9eYj8zWs/HzcubmheuY0Mk6D3Jkp1nxrsgvq9uceXTZ0TUqqD3JZzWUX/vIV2k= |
| 39 |
=vjF1 |
| 40 |
-----END PGP SIGNATURE----- |
Archives