On Tuesday, October 16, 2012 05:04:55, martin f krafft wrote: > also sprach Holger Levsen <hol...@layer-acht.org> [2012.10.16.0945 +0200]: > > > We have not cared enough for almost 20 years that 9 out of 10 binary > > > packages in use (i386 until 2005, amd64 since then) are built on > > > machines that are individually maintained according to widely > > > varying security standards to do anything about it, AFAICT. > > > > your point being? > > That our users don't seem to care, and that probably is why we > haven't done anything about it.
Out of curiosity, how would a user /know/ whether a package has been built via a buildd rather than on a DD's local machine? -- Chris -- Chris Knadle chris.kna...@coredump.us -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201210171228.14376.chris.kna...@coredump.us