commit: ad0eddba980f0d4a38f759a01da698d16914d993 Author: Michał Górny <mgorny <AT> gentoo <DOT> org> AuthorDate: Sat Nov 25 20:37:06 2017 +0000 Commit: Michał Górny <mgorny <AT> gentoo <DOT> org> CommitDate: Sat Nov 25 20:49:18 2017 +0000 URL: https://gitweb.gentoo.org/data/glep.git/commit/?id=ad0eddba
glep-0074: Integration with package manager glep-0074.rst | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) diff --git a/glep-0074.rst b/glep-0074.rst index 0412094..cf8c048 100644 --- a/glep-0074.rst +++ b/glep-0074.rst @@ -8,7 +8,7 @@ Type: Standards Track Status: Draft Version: 1 Created: 2017-10-21 -Last-Modified: 2017-11-23 +Last-Modified: 2017-11-25 Post-History: 2017-10-26, 2017-11-16 Content-Type: text/x-rst Requires: 59, 61 @@ -436,6 +436,29 @@ behavior is exhibited only when the directory is obtained without parent directories. +Package manager integration (informational) +------------------------------------------- + +A package manager supporting full-tree Manifest verification should +enable it by default when using the Gentoo repository via rsync, +and require every location affecting its operation to verify +successfully before using it. + +Full-tree verification can only be disabled explicitly by the user +(e.g. using configuration files). For security reasons, the package +manager must not ever attempt to disable it based on any data from +the repository. In particular, it is wrong to control it via +``metadata/layout.conf`` or based on the presence of top-level Manifest, +as it allows a malicious third-party to easily bypass verification. + +Furthermore, none of the files present in the repository can be +processed before being verified against the Manifest files. This +includes ``metadata/layout.conf`` and ``profiles/repo_name`` files. +If the top-level Manifest is not present or those files do not pass +verification, the package manager with full-tree verification enabled +must reject the repository immediately. + + An example Manifest file (informational) ----------------------------------------
