Re: buildd redundancy (was Re: Recompilation of ALL Debian packages ...

2006-10-04 Thread Wouter Verhelst
On Sun, Sep 24, 2006 at 02:32:27PM -0400, Nathanael Nerode wrote: > It's not reasonable to rely on one single machine like that: apart from the > mess that would happen if it went down or the person uploading its packages > took a week's vacation, As opposed to the "mess" that does happen right

Re: Recompilation of ALL Debian packages ...

2006-09-24 Thread Nathanael Nerode
martin f krafft wrote: > also sprach Russ Allbery <[EMAIL PROTECTED]> [2006.09.01.0241 +0200]: >> Rebuilding every package really doesn't buy you that much in the >> way of security. > > This is arguable and I don't want to go there. The reason I am > pushing for this is because of two of my clie

Re: Recompilation of ALL Debian packages ...

2006-09-24 Thread Nathanael Nerode
Roberto C. Sanchez wrote: > Is it not part of the process of becoming a DD (or sponsorship of > packages for non-DDs) learning the "responsible" way to build packages. > That is, developers are taught to use tools like pbuilder or sbuild in > order to ensure that packages build cleanly. I'm not s

buildd redundancy (was Re: Recompilation of ALL Debian packages ...

2006-09-24 Thread Nathanael Nerode
martin f krafft wrote: > also sprach Henning Makholm <[EMAIL PROTECTED]> [2006.08.31.1641 +0200]: >> Please read up on the regular (every few months) discussions about >> "source-only uploads" in the list archives. (Capsule summary: yes, >> it would be easy to do, but there is no consensus that it

buildd redundancy (was Re: Recompilation of ALL Debian packages ...

2006-09-24 Thread Nathanael Nerode
Sven Luther wrote: > According to James Troup, whom I asked exactly that at some past debconf, > this is because if there is some lag in the x86 buildd, then loads of user > will complain to them about non-installable packages, and the > ftp-masters/buildd administrators being volunteers and not

Re: Recompilation of ALL Debian packages ...

2006-09-05 Thread Henning Makholm
Scripsit "James R. Van Zandt" <[EMAIL PROTECTED]> > - Allow an automated comparison of the two .debs. This would take >some work to set up, but I would hope to detect a binary that >doesn't correspond to the claimed sources. Also incorrect version >of a compiler and different librar

Re: Recompilation of ALL Debian packages ...

2006-09-04 Thread Henrique de Moraes Holschuh
On Mon, 04 Sep 2006, James R. Van Zandt wrote: > Henrique de Moraes Holschuh <[EMAIL PROTECTED]> wrote: > > > - Eliminate the wait for the buildd for the first architecture. > > > > Not acceptable. > > Rather, you would not find that acceptable. No, it's just that such "install and override

Re: Recompilation of ALL Debian packages ...

2006-09-04 Thread James R. Van Zandt
Henrique de Moraes Holschuh <[EMAIL PROTECTED]> wrote: > > - Eliminate the wait for the buildd for the first architecture. > > Not acceptable. Rather, you would not find that acceptable. > It will cause a time window where a trojaned binary package > might be active, True. > and si

Re: Recompilation of ALL Debian packages ...

2006-09-04 Thread Henrique de Moraes Holschuh
On Mon, 04 Sep 2006, James R. Van Zandt wrote: > > You are right, I wrote source-only upload, but obviously > > upload-binary-and-remove-it is better policy. > > I suggest that the uploaded binary be kept temporarily, for two > purposes: > > - Eliminate the wait for the buildd for the fir

Re: Recompilation of ALL Debian packages ...

2006-09-04 Thread Gunnar Wolf
martin f krafft dijo [Sat, Sep 02, 2006 at 08:42:34AM +0200]: > also sprach Russ Allbery <[EMAIL PROTECTED]> [2006.09.02.0141 +0200]: > > I honestly think the security argument for doing this is silly. > > Clients do not want to hear something like that. Please... Do you mean they trust me (as an

Re: Recompilation of ALL Debian packages ...

2006-09-04 Thread James R. Van Zandt
Matej Cepl <[EMAIL PROTECTED]> wrote: > On Thu 31. August 2006 12:47, you wrote: > > Without a binary version someone upload (and therefore should > > have tested), he could always claim his upload would have > > worked if the buildds would not have mangled it. So there is > > at least on

Re: Recompilation of ALL Debian packages ...

2006-09-04 Thread Mark Brown
On Fri, Sep 01, 2006 at 05:03:29PM +0200, Michelle Konzack wrote: > I have tried to RECOMPILE some packages in Sarge but failed. > The Binaries are working. It seems, that the Maintainer had > used a machine where the Build was successful, but no other > one can do it because it FTBFS Source up

Re: Recompilation of ALL Debian packages ...

2006-09-04 Thread Michelle Konzack
Hello Martin and *, Am 2006-08-31 17:11:03, schrieb martin f krafft: > I would like to know why we can't just discard those binaries and > rebuild them on trusted machines. Then we get the best of all > worlds. I have tried to RECOMPILE some packages in Sarge but failed. The Binaries are working

Re: Recompilation of ALL Debian packages ...

2006-09-03 Thread martin f krafft
also sprach Bastian Blank <[EMAIL PROTECTED]> [2006.09.02.1841 +0200]: > > Don't porters work on DSA-controlled machines? > > Nope. They are controlled by the porters themselves. Then I guess this thread taught me something new. Not sure I wanted to hear this. -- Please do not send copies of list

Re: Recompilation of ALL Debian packages ...

2006-09-02 Thread Bastian Blank
On Sat, Sep 02, 2006 at 04:24:24PM +0200, martin f krafft wrote: > Don't porters work on DSA-controlled machines? Nope. They are controlled by the porters themselves. Bastian -- Fascinating is a word I use for the unexpected. -- Spock, "The Squire of Gothos", stardate 2124.5 --

Re: Recompilation of ALL Debian packages ...

2006-09-02 Thread Ben Pfaff
martin f krafft <[EMAIL PROTECTED]> writes: > The important thing to consider is that there are always two > types of clients: executives and clued people. The clued people > understand your reasoning (and I claim I do too, which makes me > clued; woohoo!). The executives don't. You seem to be sa

Re: Recompilation of ALL Debian packages ...

2006-09-02 Thread martin f krafft
also sprach Henning Makholm <[EMAIL PROTECTED]> [2006.09.02.1552 +0200]: > > And yes, I still think there's a difference between the two > > scenarios: a clean source, 11 clean binaries, but one trojaned one > > against an unclean source and 12 unclean binaries. As someone else > > said, post-morte

Re: Recompilation of ALL Debian packages ...

2006-09-02 Thread Henning Makholm
Scripsit martin f krafft <[EMAIL PROTECTED]> > And yes, I still think there's a difference between the two > scenarios: a clean source, 11 clean binaries, but one trojaned one > against an unclean source and 12 unclean binaries. As someone else > said, post-mortem it'll be *much* easier to deal wi

Re: Recompilation of ALL Debian packages ...

2006-09-02 Thread Michael Poole
Russ Allbery writes: > Source-code trojans are more dangerous because people fear binaries but > think that if they've compiled it, it's fine, when the only real > distinction is between code that's been audited and code that hasn't. > Binaries built and uploaded by a maintainer who audits the ups

Re: Recompilation of ALL Debian packages ...

2006-09-02 Thread Russ Allbery
martin f krafft <[EMAIL PROTECTED]> writes: > And yes, I still think there's a difference between the two scenarios: a > clean source, 11 clean binaries, but one trojaned one against an unclean > source and 12 unclean binaries. As someone else said, post-mortem it'll > be *much* easier to deal wit

Re: Recompilation of ALL Debian packages ...

2006-09-02 Thread Russ Allbery
Sven Luther <[EMAIL PROTECTED]> writes: > On Fri, Sep 01, 2006 at 11:52:17PM -0700, Russ Allbery wrote: >> Source-code trojans are more dangerous because people fear binaries but >> think that if they've compiled it, it's fine, when the only real >> distinction is between code that's been audited

Re: Recompilation of ALL Debian packages ...

2006-09-02 Thread Sven Luther
On Fri, Sep 01, 2006 at 11:52:17PM -0700, Russ Allbery wrote: > martin f krafft <[EMAIL PROTECTED]> writes: > > also sprach Russ Allbery <[EMAIL PROTECTED]> [2006.09.02.0141 +0200]: > > >> I honestly think the security argument for doing this is silly. > > > Clients do not want to hear something

Re: Recompilation of ALL Debian packages ...

2006-09-02 Thread martin f krafft
also sprach Russ Allbery <[EMAIL PROTECTED]> [2006.09.02.0912 +0200]: > Feh, I think that's a cop-out. It's not that hard to explain, or > that hard to understand, and I've worked with plenty of executives > who can understand that concept just fine when explained in terms > that they're familiar

Re: Recompilation of ALL Debian packages ...

2006-09-02 Thread Russ Allbery
martin f krafft <[EMAIL PROTECTED]> writes: > also sprach Russ Allbery <[EMAIL PROTECTED]> [2006.09.02.0852 +0200]: >> You're probably not going to convince me on this, so it may not be >> worth wasting time on arguing about it when we both agree on the >> fundamental goal. > Neither have you con

Re: Recompilation of ALL Debian packages ...

2006-09-02 Thread martin f krafft
also sprach Russ Allbery <[EMAIL PROTECTED]> [2006.09.02.0852 +0200]: > You're probably not going to convince me on this, so it may not be > worth wasting time on arguing about it when we both agree on the > fundamental goal. Neither have you convinced me. The important thing to consider is that t

Re: Recompilation of ALL Debian packages ...

2006-09-01 Thread Russ Allbery
George Danchev <[EMAIL PROTECTED]> writes: > True, and Martin's reasoning is about consistency across the > architectures, not that much after security, as I read it. That argument I agree with. > On Saturday 02 September 2006 02:41, Russ Allbery wrote: >> However, that does not mean I think it'

Re: Recompilation of ALL Debian packages ...

2006-09-01 Thread Russ Allbery
martin f krafft <[EMAIL PROTECTED]> writes: > also sprach Russ Allbery <[EMAIL PROTECTED]> [2006.09.02.0141 +0200]: >> I honestly think the security argument for doing this is silly. > Clients do not want to hear something like that. People frequently don't want to hear that ideas they've latche

Re: Recompilation of ALL Debian packages ...

2006-09-01 Thread George Danchev
On Saturday 02 September 2006 02:41, Russ Allbery wrote: > martin f krafft <[EMAIL PROTECTED]> writes: > > The reason I am pushing for this is because of two of my clients, who > > have been wanting to use Debian for three years now but consciously > > decided against it, because it is not guarante

Re: Recompilation of ALL Debian packages ...

2006-09-01 Thread martin f krafft
also sprach Russ Allbery <[EMAIL PROTECTED]> [2006.09.02.0141 +0200]: > I honestly think the security argument for doing this is silly. Clients do not want to hear something like that. -- Please do not send copies of list mail to me; I read the list! .''`. martin f. krafft <[EMAIL PROTECTED

Re: Recompilation of ALL Debian packages ...

2006-09-01 Thread Russ Allbery
martin f krafft <[EMAIL PROTECTED]> writes: > The reason I am pushing for this is because of two of my clients, who > have been wanting to use Debian for three years now but consciously > decided against it, because it is not guaranteed that the sources and > the binaries in our archives correspon

Re: Recompilation of ALL Debian packages ...

2006-09-01 Thread martin f krafft
also sprach Russ Allbery <[EMAIL PROTECTED]> [2006.09.01.0241 +0200]: > Rebuilding every package really doesn't buy you that much in the > way of security. This is arguable and I don't want to go there. The reason I am pushing for this is because of two of my clients, who have been wanting to use

Re: Recompilation of ALL Debian packages ...

2006-09-01 Thread Roberto C. Sanchez
On Fri, Sep 01, 2006 at 02:57:27AM +0200, Sven Luther wrote: > On Thu, Aug 31, 2006 at 05:41:11PM -0700, Russ Allbery wrote: > > > > Rebuilding every package really doesn't buy you that much in the way of > > security. It makes it harder to hide what you did, but only harder; a > > rogue uploader

Re: Recompilation of ALL Debian packages ...

2006-08-31 Thread Sven Luther
On Thu, Aug 31, 2006 at 05:41:11PM -0700, Russ Allbery wrote: > Matej Cepl <[EMAIL PROTECTED]> writes: > > > No, it is a matter of accountability and being able to tell to the bank > > (mentioned in Martin's presentation) that we know who compiled the > > package and we have made reasonable precauti

Re: Recompilation of ALL Debian packages ...

2006-08-31 Thread Russ Allbery
Matej Cepl <[EMAIL PROTECTED]> writes: > No, it is a matter of accountability and being able to tell to the bank > (mentioned in Martin's presentation) that we know who compiled the > package and we have made reasonable precautions to be sure there are no > trojans inside. Rebuilding every package

Re: Recompilation of ALL Debian packages ...

2006-08-31 Thread Matej Cepl
On Thu 31. August 2006 12:47, you wrote: > Debian is not other distributions. Other distributions have > dependency hell with source-only uploads. This is a matter of > policy and being able to blame people if something fails. No, it is a matter of accountability and being able to tell to the bank

Re: Recompilation of ALL Debian packages ...

2006-08-31 Thread Sven Luther
On Thu, Aug 31, 2006 at 05:03:10PM +0200, martin f krafft wrote: > [bcc'd to ftpmaster to make it easier for them to reply if they > don't read the list] > > also sprach Matej Cepl <[EMAIL PROTECTED]> [2006.08.31.1621 +0200]: > > Wouldn't it be sensible to add that line to crontab (e.g., rm -f >

Re: Recompilation of ALL Debian packages ...

2006-08-31 Thread Sven Luther
On Thu, Aug 31, 2006 at 10:21:06AM -0400, Matej Cepl wrote: > Hi, > > I was listening to madduck's presentation for Irish LUG > (http://blog.signal2noise.co.uk/cgi-bin/blosxom.pl\ > /technical/martinfkrafft_talk.html) and I was quite shocked to > learn, that not all binary packages are compiled

Re: Recompilation of ALL Debian packages ...

2006-08-31 Thread martin f krafft
also sprach Henning Makholm <[EMAIL PROTECTED]> [2006.08.31.1641 +0200]: > Please read up on the regular (every few months) discussions about > "source-only uploads" in the list archives. (Capsule summary: yes, > it would be easy to do, but there is no consensus that it would be > *desirable* to do

Re: Recompilation of ALL Debian packages ...

2006-08-31 Thread martin f krafft
[bcc'd to ftpmaster to make it easier for them to reply if they don't read the list] also sprach Matej Cepl <[EMAIL PROTECTED]> [2006.08.31.1621 +0200]: > Wouldn't it be sensible to add that line to crontab (e.g., rm -f > $INCOMING_QUEUE/*.deb; we have even advantage over Red Hat, that I don't

Re: Recompilation of ALL Debian packages ...

2006-08-31 Thread Henning Makholm
Scripsit Matej Cepl <[EMAIL PROTECTED]> > Wouldn't it be sensible to add that line to crontab (e.g., rm -f > $INCOMING_QUEUE/*.deb; we have even advantage over Red Hat, that > we don't have to fiddle with find to delete just binary *.rpm > and preserve *.src.rpm :-)) and to recompile everything

Recompilation of ALL Debian packages ...

2006-08-31 Thread Matej Cepl
Hi, I was listening to madduck's presentation for Irish LUG (http://blog.signal2noise.co.uk/cgi-bin/blosxom.pl\ /technical/martinfkrafft_talk.html) and I was quite shocked to learn, that not all binary packages are compiled through buildd network, but that most binary packages (mostly those cre