| 1 |
I do agree with you, there are important security issues with pre-compiled |
| 2 |
packages. |
| 3 |
|
| 4 |
Although gentoo would not be the first distro / OS to provide binary packages. |
| 5 |
Does this mean that all others are insecure? Certainly not. Packages would |
| 6 |
simply have to come from a trusted source. |
| 7 |
|
| 8 |
Pre-compiled is certainly not for every users. I do prefer to compile my own |
| 9 |
packages most of the time. Although, some times I think it would be nice to |
| 10 |
have some kind of repository of pre-compiled packages where I could check if |
| 11 |
a particuliar package is available for my architecture and save hours of |
| 12 |
compile time. |
| 13 |
|
| 14 |
|
| 15 |
Thank you, |
| 16 |
|
| 17 |
Cedric |
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
On October 6, 2002 05:31 pm, Owen Stampflee wrote: |
| 24 |
> On Sunday 06 October 2002 2:30 pm, Cedric Veilleux wrote: |
| 25 |
> > I seem to be one of the few gentoo user who would like to use a |
| 26 |
> > few binary packages to save some compilation time when needed... I made |
| 27 |
> > these packages available, hoping that more people will do the same and |
| 28 |
> > eventually some form of organized repository or peer 2 peer system is put |
| 29 |
> > in place.. |
| 30 |
> |
| 31 |
> bad bad idea. Think security. |
| 32 |
> Malicious contributor a, puts out a package that includes some bad holes, |
| 33 |
> that malicious contributor now owns your computer. |
| 34 |
> |
| 35 |
> Have a nice day, |
| 36 |
> Owen |
Archives