Dag Sverre Seljebotn <d.s.seljebotn <at> astro.uio.no> writes:

> Well, but I think you need to care about the whole process here.
> 
> Focusing only on the "end-user case" and binary installers has the flip 
> side that smuggling in a back door is incredibly easy in compiled 
> binaries. You simply upload a binary that doesn't match the source.
> 
> The reason PyPI isn't one big security risk is that packages are built 
> from source, and so you can have some confidence that backdoors would be 
> noticed and highlighted by somebody.
> 
> Having common standards for the binary installation phase would be great, 
> sure, but security-minded users would still need to build from source in 
> every case (or trust a 3rd party build farm that builds from source). 
> The reason you can trust RPMs at all is because they're built from SRPMs.

Easy enough on Posix platforms, perhaps, but what about Windows? One can't
expect a C compiler to be installed everywhere. Perhaps security against
backdoors could also be provided through other mechanisms, such as signing of
binary installers.

Regards,

Vinay Sajip
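The two checks argued about above, as an added illustration that is not part of this thread or of any Python-Dev proposal: the "publisher-side" check Vinay gestures at (a trusted hash manifest for a binary installer, the same role a signature or pip's hash-checking mode plays) and the "rebuild from source and compare" check Dag describes. The package, its source files and the manifest format are all constructed for the example; the deterministic zip packer stands in for a real build step, since a wheel is a zip and a build is only checkable this way if it is reproducible.

```python
import hashlib
import hmac
import io
import zipfile

# Constructed sample source tree for a tiny package (hypothetical, not a real project).
SOURCE_FILES = {
    "demo/__init__.py": b"VERSION = '1.0'\n",
    "demo/core.py": b"def add(a, b):\n    return a + b\n",
}
ARTIFACT_NAME = "demo-1.0-py3-none-any.whl"  # constructed file name


def build_wheel_bytes(source_files):
    """Deterministically pack source files into a zip archive (wheels are zips).

    Fixed timestamps, fixed permissions and sorted member order make the build
    reproducible, so two builds from identical source are byte-identical.
    This is what lets a downloaded binary be compared against a local rebuild.
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", compression=zipfile.ZIP_DEFLATED) as zf:
        for name in sorted(source_files):
            info = zipfile.ZipInfo(name, date_time=(1980, 1, 1, 0, 0, 0))
            info.compress_type = zipfile.ZIP_DEFLATED
            info.external_attr = 0o644 << 16  # regular file, rw-r--r--
            zf.writestr(info, source_files[name])
    return buf.getvalue()


def sha256_hex(data):
    return hashlib.sha256(data).hexdigest()


def publish_manifest(artifact, name):
    """Produce a SHA256SUMS-style line: '<hex digest>  <file name>'.

    In a real release this file would be signed by the publisher; the
    signature then vouches for the publisher, not for the binary matching
    the source, which is exactly the gap the rebuild check below closes.
    """
    return f"{sha256_hex(artifact)}  {name}\n"


def parse_manifest(text):
    """Parse SHA256SUMS-style lines into {file name: lowercase hex digest}."""
    entries = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition("  ")
        entries[name.strip()] = digest.lower()
    return entries


def verify_against_manifest(artifact, name, manifest_text):
    """Check 1: does the downloaded artifact match the trusted manifest?"""
    expected = parse_manifest(manifest_text).get(name)
    if expected is None:
        return False
    return hmac.compare_digest(sha256_hex(artifact), expected)


def matches_source_build(artifact, source_files):
    """Check 2: does the downloaded artifact equal a fresh build from source?"""
    rebuilt = build_wheel_bytes(source_files)
    return hmac.compare_digest(sha256_hex(artifact), sha256_hex(rebuilt))


def altered_copy():
    """Constructed test artifact: same package with one extra module that is
    not in the published source, i.e. a binary that does not match its source."""
    files = dict(SOURCE_FILES)
    files["demo/extra.py"] = b"# module absent from the published source tree\n"
    return build_wheel_bytes(files)


if __name__ == "__main__":
    good = build_wheel_bytes(SOURCE_FILES)
    manifest = publish_manifest(good, ARTIFACT_NAME)
    for label, artifact in (("published build", good), ("altered build", altered_copy())):
        print(label,
              "manifest ok" if verify_against_manifest(artifact, ARTIFACT_NAME, manifest) else "manifest MISMATCH",
              "matches source" if matches_source_build(artifact, SOURCE_FILES) else "does NOT match source")
```

The manifest check only detects tampering after publication; if the altered archive is what the publisher signs, check 1 passes and only check 2 (rebuilding from the source the publisher also shipped) catches it, which is Dag's point. Both comparisons use `hmac.compare_digest` so the digest comparison is constant-time, a habit worth keeping even where timing is unlikely to matter.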

_______________________________________________
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe: 
http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com