martin f krafft <[EMAIL PROTECTED]> writes:

> also sprach Russ Allbery <[EMAIL PROTECTED]> [2006.09.02.0141 +0200]:

>> I honestly think the security argument for doing this is silly.

> Clients do not want to hear something like that.

People frequently don't want to hear that ideas they've latched on to don't really have much basis in fact. If I were expressing that directly with a client, I would probably use a softer expression of the idea than "silly," of course.

I would, however, not want to let someone keep the notion that binaries are dangerous but source code is somehow safer. It's not true (at least in any significant sense), nor is it true that source-only uploads provide any more accountability than the system we have now. Source-code trojans are more dangerous because people fear binaries but think that if they've compiled it, it's fine, when the only real distinction is between code that's been audited and code that hasn't. Binaries built and uploaded by a maintainer who audits the upstream code are significantly safer than uncompiled source code uploaded by a maintainer who doesn't.

You're probably not going to convince me on this, so it may not be worth wasting time on arguing about it when we both agree on the fundamental goal.

-- 
Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/>