On Mon, Mar 14, 2005 at 06:43:21PM +0100, Goswin von Brederlow wrote:
> Sven Luther <[EMAIL PROTECTED]> writes:
> >> Where human delay did come into play was in getting the xfree86 mess
> >> cleaned; in theory it should have taken one or two days, but in
> >> practice it took much longer.
> >
> > Why not fully eliminate the human factor ? Ubuntu does automated build from
> > source only uploads, the package sources are built and signed by a 
> > developer,
> > autobuilt on all arches, and i don't believe they are individually signed
> > after that.
> 
> Security reasons?

Hum, ...

so the buildd admin really examine all the packages for deviation that a
compromised buildd could have incorporated before signing them ? Or that they
scan the machine for a compromise and always detect them before signing ? 

I seriously doubt that this may be a criteria, and as said, ubuntu does it, so
we could work something out as well if the will was there for that.

Friendly,

Sven Luther


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to