| 1 |
On Sun, 7 Sep 2003 19:55:39 +0000 |
| 2 |
Jan Krueger <jk@×××××××××××.net> wrote: |
| 3 |
|
| 4 |
> On Sunday 07 September 2003 17:39, Thomas de Grenier de Latour wrote: |
| 5 |
> |
| 6 |
> > You lack imagination: the bash scripts used by emerge are just |
| 7 |
> > as easy to corrupt using a src_install only ebuild. |
| 8 |
> |
| 9 |
> So this clearly is a bug that must be fixed. |
| 10 |
|
| 11 |
No. It is only an evidence that absolute security has no meaning for a |
| 12 |
turned on computer, and that safety only exists under some assumptions. |
| 13 |
With gentoo, this assumptions include at least the facts that |
| 14 |
developpers are not trying to compromise your servers, and that no |
| 15 |
intruder can interfer between them and you. |
| 16 |
I've choosed to believe in the first one, but if you have not, then |
| 17 |
no technical solution will never convince you (think of the famous Ken |
| 18 |
Thompson's paradox on trusting compilers [1]). |
| 19 |
The second one is less convincing because of mirrors, but can easily |
| 20 |
be replaced by a more robust one which is safety of some cryptographic |
| 21 |
algorithms and their implementation if at some point portage make use of |
| 22 |
gpg signatures. And it is true that this would be a good thing. |
| 23 |
|
| 24 |
[1] http://www.acm.org/classics/sep95/ |
| 25 |
|
| 26 |
-- |
| 27 |
TGL. |
| 28 |
|
| 29 |
-- |
| 30 |
gentoo-dev@g.o mailing list |
Archives