On 01/28/11 09:32, Jakob Gruber wrote:
Another aspect of this is security. Right now, any dev / TU could
theoretically check in a correct PKGBUILD but upload a binary package
with *insert malicious content* in it to the repos with a very low
probability of anyone ever noticing. A (mandatory) central build server
could guarantee that the package is actually built with the specified
publicly available PKGBUILD.

I'm not a security expert so please call me out if I'm talking nonsense.

You have to trust all servers that are used for building. (And the servers need to collectively have enough processing power to build everything!) If we take random volunteers then it's not secure. But it can certainly help security in certain ways if done right.

~Isaac
