On 6/14/11 2:41 PM, Daniel Gibson wrote:
Am 14.06.2011 21:34, schrieb Robert Clipsham:
On 14/06/2011 20:07, Andrei Alexandrescu wrote:
On 6/14/11 1:22 PM, Robert Clipsham wrote:
On 14/06/2011 14:53, Andrei Alexandrescu wrote:
http://www.wikiservice.at/d/wiki.cgi?LanguageDevel/DIPs/DIP11
Destroy.
Andrei
This doesn't seem like the right solution to the problem - the correct
solution, in my opinion, is to have a build tool/package manager handle
this, not the compiler.
Problems I see:
* Remote server gets hacked, everyone using the library now
executes malicious code
This liability is not different from a traditional setup.
Perhaps, but with a proper package management tool this can be avoided
with sha sums etc, this can't happen with a direct get. Admittedly this
line of defense falls if the intermediate server is hacked.
Signing the files/hashes with GPG helps (as long as the developers
private key isn't on the server).
Could you please add a subsection to the trust model discussing such a
possibility?
Thanks,
Andrei
