1 |
I like that idea very much, but it seems quite impractical. There are |
2 |
many stages where things could go wrong and it will make things more |
3 |
complicate for packagers and end-users alike. |
4 |
It might be more feasible if there are two separate options added to |
5 |
emerge, one being to not check sums on packages and then the second to |
6 |
not check sums on the individual files. |
7 |
Then there is the issue of clutter and wasting space. I guess you could |
8 |
put them all in a folder like Manifest or Sums or something, but |
9 |
still... |
10 |
|
11 |
Don't know how well it'd go over -- |
12 |
buts a good idea. :) |
13 |
|
14 |
* Anthony |
15 |
|
16 |
On Mon, 2004-02-16 at 22:20, Brian Klauss wrote: |
17 |
> Why not take package security one step deeper to ensure the validity |
18 |
> of every ebuild and source-tree? |
19 |
> |
20 |
> Instead of relying upon a master hash of the compressed package, |
21 |
> create a hash for each source file, documentation, makefile, etc., and |
22 |
> as part of the emerge process, the application validates the |
23 |
> compressed hash, then looks at each decompressed file and compares the |
24 |
> hash value of it against a master repository. |
25 |
> |
26 |
> Once everything checks out, we then guarantee that the compressed |
27 |
> package and all related source files are true to the source as it was |
28 |
> created since the master hash tables are contained in the master |
29 |
> repository instead of within the compressed file (which can be |
30 |
> altered). |
31 |
> |
32 |
> Just an idea, and if I am way off, let me know. |
33 |
> |
34 |
> Brian... |
35 |
-- |
36 |
Please avoid sending me Word or PowerPoint attachments. |
37 |
See http://www.fsf.org/philosophy/no-word-attachments.html |
38 |
|
39 |
|
40 |
|
41 |
-- |
42 |
gentoo-security@g.o mailing list |