On 19 Jun 2008, at 08:32, Venky wrote: > Some concerns about this process. I love the fact that the barrier > to entry is so low. But this also means that it would be trivial to > submit a package with a rootkit or a backdoor and have it hosted on > opensolaris.org. > > I find third-party contributors directly submitting binaries a scary > prospect. The best option, IMO, would be to have them submit > patches and build recipes (which are much more easily vetted) and > have the actual build carried out by the /contrib project. Going > the SFE way would seem to be the best option for this.
Would requiring that all ELF binaries be signed (noting the recent elfsign thread) mitigate your concerns? Obviously they only tell you who provided the bad binaries in the first place, and it wouldn't help at all with dangerous scripts. Having a build recipe seems safer though. This would make the contrib repository a bit like the ports systems on other OSes (eg FreeBSD, MacPorts, Gentoo, etc.) Cheers, Chris _______________________________________________ pkg-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/pkg-discuss
