1 |
On Sun, 7 Sep 2003 19:55:39 +0000 |
2 |
Jan Krueger <jk@×××××××××××.net> wrote: |
3 |
|
4 |
> On Sunday 07 September 2003 17:39, Thomas de Grenier de Latour wrote: |
5 |
> |
6 |
> > You lack imagination: the bash scripts used by emerge are just |
7 |
> > as easy to corrupt using a src_install only ebuild. |
8 |
> |
9 |
> So this clearly is a bug that must be fixed. |
10 |
|
11 |
No. It is only an evidence that absolute security has no meaning for a |
12 |
turned on computer, and that safety only exists under some assumptions. |
13 |
With gentoo, this assumptions include at least the facts that |
14 |
developpers are not trying to compromise your servers, and that no |
15 |
intruder can interfer between them and you. |
16 |
I've choosed to believe in the first one, but if you have not, then |
17 |
no technical solution will never convince you (think of the famous Ken |
18 |
Thompson's paradox on trusting compilers [1]). |
19 |
The second one is less convincing because of mirrors, but can easily |
20 |
be replaced by a more robust one which is safety of some cryptographic |
21 |
algorithms and their implementation if at some point portage make use of |
22 |
gpg signatures. And it is true that this would be a good thing. |
23 |
|
24 |
[1] http://www.acm.org/classics/sep95/ |
25 |
|
26 |
-- |
27 |
TGL. |
28 |
|
29 |
-- |
30 |
gentoo-dev@g.o mailing list |