| 1 |
Am Montag 30 März 2009 16:37:09 schrieb Philipp Riegger: |
| 2 |
> > Or add another group of trusted builders, who sign their packages |
| 3 |
> > with GnuPG. |
| 4 |
> |
| 5 |
> And how will you find and identify trustworthy people? |
| 6 |
|
| 7 |
The same way we find trusted devs, but with laxer coding ability requirements. |
| 8 |
|
| 9 |
> > For convenience it would be great, if people could tellportage their |
| 10 |
> > builder- ID and have portage upload generated packages automatically. |
| 11 |
> |
| 12 |
> Are you crazy? That would lead to hundreds od users uploading the same |
| 13 |
> package with a different signature, because no one can trust the |
| 14 |
> other. |
| 15 |
> |
| 16 |
> > That way we'd avoid building any package with teh same configuration |
| 17 |
> > twice. |
| 18 |
> |
| 19 |
> So if my package with the backdoor gets uploaded first, I win? |
| 20 |
|
| 21 |
If you managed to get into the trusted group, then you can wreak havoc, sure. |
| 22 |
|
| 23 |
Others already answered better than me, why this currently isn't an issue. |
| 24 |
|
| 25 |
> This is totally unimportant. Sure, technically it can be done, but you |
| 26 |
> can never make it secure without really checking who is allowed to |
| 27 |
> upload packages or using centrally managed servers. And in the first |
| 28 |
> case you get much too much overhead. |
| 29 |
|
| 30 |
You could simply check whose packages you trust. |
| 31 |
|
| 32 |
> > Besides: One advantage of the Hash over all active USE flags as |
| 33 |
> > opposed to a bitvector of all USE flags is that this Hash will be the |
| 34 |
> > same for all packages with the same active USE flags, so there will |
| 35 |
> > be a lower number of distinct USE hashes. That way they can more |
| 36 |
> > easily be used to query for packages (that's a possible optimization |
| 37 |
> > for p2p: search by package name + version + USE hash + Host SLOT). |
| 38 |
> |
| 39 |
> That is wrong. The function creating the packed binary vector is |
| 40 |
> nothing but a reversible hash function. You take the activated |
| 41 |
> USE-flags and the package name and version and get the "hash", |
| 42 |
|
| 43 |
I would simply use only the active USE flags to get the USE Hash and keep the |
| 44 |
package name and version in the name - and out of the hash (I think something |
| 45 |
got muddled up in discussion here). |
| 46 |
|
| 47 |
> There is exactly one problem I know of with my approach, which I |
| 48 |
> already mentioned but no one seems to be interested in: It needs a |
| 49 |
> fixed set of USE-flags per package name and version, or it needs to be |
| 50 |
> extended/it can become ambiguous. But this is just a policy that can be |
| 51 |
> enforced if people see the benefit. |
| 52 |
|
| 53 |
The available USE flags are defined in the ebuilds. They can change at any |
| 54 |
moment, but as far as I know you then get a new version of the ebuild (i.e. |
| 55 |
...-r2.ebuild). (If I'm wrong, please write so!) |
| 56 |
|
| 57 |
But though I prefer using a hash for the USE flags, this is really no hard |
| 58 |
blocker - and it's certainly not worth that we squabble over it. |
| 59 |
|
| 60 |
If you want to implement it as a bitvector and this will have no disadvantages |
| 61 |
over using a hash (no added maintenance cost, no missing possibilities and no |
| 62 |
restrictions on the workflow of ebuild maintainers), then just use a bitvector |
| 63 |
- but make sure it's encoded filename- and url-safe. |
| 64 |
|
| 65 |
Best wishes, |
| 66 |
Arne |
| 67 |
-- |
| 68 |
-- Ein Würfel System: http://1w6.org - einfach saubere (Rollenspiel-) Regeln. |
| 69 |
-- Infinite Hands: http://infinite-hands.draketo.de - singing a part of the |
| 70 |
history of free software. |
| 71 |
-- My stuff: http://draketo.de - stories, songs, poems, programs and stuff :) |
| 72 |
|
| 73 |
-- PGP/GnuPG: http://draketo.de/inhalt/ich/pubkey.txt |
Archives