1 |
> Is it really that simple? And to fix it is so easy.. just keep a list of |
2 |
> people allowed to modify each directory. Developers sign, users check. |
3 |
|
4 |
We have a list of people allowed to modify each directory: every dev! |
5 |
That's by design, it is quite deliberate, and the reasons are both trust |
6 |
and efficiency. That trust is one of the key things that makes working |
7 |
on Gentoo so much fun, and anything that would destroy that trust is not |
8 |
something that will be considered lightly. |
9 |
|
10 |
My (admittedly very naive) view about this thread is that most people |
11 |
are unlikely to cause damage if it would be easy to trace the damage |
12 |
back to the individual, so our devs are not likely to be the main source |
13 |
of compromise. Thus, using gpg to remove a remote compromise threat |
14 |
does seem quite reasonable to me. |
15 |
|
16 |
All that said, this topic makes my brain hurt rather badly, so I'm |
17 |
leaving the details up to the security team who eat and breathe this stuff. |
18 |
|
19 |
-g2boojum- |