| 1 |
Marko Mikulicic <marko@××××.org> wrote: |
| 2 |
> Yannick Koehler wrote: |
| 3 |
> and then |
| 4 |
> > propose or take it from the distribution system. Basically the |
| 5 |
> > same as ccache ;-) |
| 6 |
> > |
| 7 |
> |
| 8 |
> I like the idea. I was thinking of something similar. |
| 9 |
> I think it's possible to hash the use flags used to build |
| 10 |
> the package and compare it to the package to be downloaded. |
| 11 |
|
| 12 |
I see another problem with this. There is no way to make the packages trusted. |
| 13 |
In the portage tree, every downloaded file is checked against a MD5 hash. |
| 14 |
This means, I have to trust the person who build the port. This is not |
| 15 |
a big problem to me, because those people are "near" to the gentoo core, |
| 16 |
and everybody can check the MD5s against the official downloads of the packet. |
| 17 |
|
| 18 |
I can't do this sort of check agains precompiled binaries, because every binary |
| 19 |
would have a different MD5. The only way to check would to compile the package |
| 20 |
myself with the same flags, thus defeating the purpose. |
| 21 |
Using those binary packages means to trust every user of gentoo, that he |
| 22 |
doesn't put trojans or whatever on my system. |
| 23 |
|
| 24 |
My 0,02 EUR |
| 25 |
Nils |
| 26 |
|
| 27 |
-- |
| 28 |
The primary purpose of the DATA statement is to give names to |
| 29 |
constants; instead of referring to pi as 3.141592653589793 at every |
| 30 |
appearance, the variable PI can be given that value with a DATA |
| 31 |
statement and used instead of the longer form of the constant. This |
| 32 |
also simplifies modifying the program, should the value of pi change. |
| 33 |
|
| 34 |
-- FORTRAN manual for Xerox Computers |
| 35 |
Nils Decker <ndecker@×××.de> |
Archives