1 |
Am Montag 30 März 2009 16:37:09 schrieb Philipp Riegger: |
2 |
> > Or add another group of trusted builders, who sign their packages |
3 |
> > with GnuPG. |
4 |
> |
5 |
> And how will you find and identify trustworthy people? |
6 |
|
7 |
The same way we find trusted devs, but with laxer coding ability requirements. |
8 |
|
9 |
> > For convenience it would be great, if people could tellportage their |
10 |
> > builder- ID and have portage upload generated packages automatically. |
11 |
> |
12 |
> Are you crazy? That would lead to hundreds od users uploading the same |
13 |
> package with a different signature, because no one can trust the |
14 |
> other. |
15 |
> |
16 |
> > That way we'd avoid building any package with teh same configuration |
17 |
> > twice. |
18 |
> |
19 |
> So if my package with the backdoor gets uploaded first, I win? |
20 |
|
21 |
If you managed to get into the trusted group, then you can wreak havoc, sure. |
22 |
|
23 |
Others already answered better than me, why this currently isn't an issue. |
24 |
|
25 |
> This is totally unimportant. Sure, technically it can be done, but you |
26 |
> can never make it secure without really checking who is allowed to |
27 |
> upload packages or using centrally managed servers. And in the first |
28 |
> case you get much too much overhead. |
29 |
|
30 |
You could simply check whose packages you trust. |
31 |
|
32 |
> > Besides: One advantage of the Hash over all active USE flags as |
33 |
> > opposed to a bitvector of all USE flags is that this Hash will be the |
34 |
> > same for all packages with the same active USE flags, so there will |
35 |
> > be a lower number of distinct USE hashes. That way they can more |
36 |
> > easily be used to query for packages (that's a possible optimization |
37 |
> > for p2p: search by package name + version + USE hash + Host SLOT). |
38 |
> |
39 |
> That is wrong. The function creating the packed binary vector is |
40 |
> nothing but a reversible hash function. You take the activated |
41 |
> USE-flags and the package name and version and get the "hash", |
42 |
|
43 |
I would simply use only the active USE flags to get the USE Hash and keep the |
44 |
package name and version in the name - and out of the hash (I think something |
45 |
got muddled up in discussion here). |
46 |
|
47 |
> There is exactly one problem I know of with my approach, which I |
48 |
> already mentioned but no one seems to be interested in: It needs a |
49 |
> fixed set of USE-flags per package name and version, or it needs to be |
50 |
> extended/it can become ambiguous. But this is just a policy that can be |
51 |
> enforced if people see the benefit. |
52 |
|
53 |
The available USE flags are defined in the ebuilds. They can change at any |
54 |
moment, but as far as I know you then get a new version of the ebuild (i.e. |
55 |
...-r2.ebuild). (If I'm wrong, please write so!) |
56 |
|
57 |
But though I prefer using a hash for the USE flags, this is really no hard |
58 |
blocker - and it's certainly not worth that we squabble over it. |
59 |
|
60 |
If you want to implement it as a bitvector and this will have no disadvantages |
61 |
over using a hash (no added maintenance cost, no missing possibilities and no |
62 |
restrictions on the workflow of ebuild maintainers), then just use a bitvector |
63 |
- but make sure it's encoded filename- and url-safe. |
64 |
|
65 |
Best wishes, |
66 |
Arne |
67 |
-- |
68 |
-- Ein Würfel System: http://1w6.org - einfach saubere (Rollenspiel-) Regeln. |
69 |
-- Infinite Hands: http://infinite-hands.draketo.de - singing a part of the |
70 |
history of free software. |
71 |
-- My stuff: http://draketo.de - stories, songs, poems, programs and stuff :) |
72 |
|
73 |
-- PGP/GnuPG: http://draketo.de/inhalt/ich/pubkey.txt |