On Wed, Oct 17, 2012 at 12:28:14PM -0400, Chris Knadle wrote: > On Tuesday, October 16, 2012 05:04:55, martin f krafft wrote: > > also sprach Holger Levsen <[email protected]> [2012.10.16.0945 +0200]: > > > > We have not cared enough for almost 20 years that 9 out of 10 binary > > > > packages in use (i386 until 2005, amd64 since then) are built on > > > > machines that are individually maintained according to widely > > > > varying security standards to do anything about it, AFAICT. > > > > > > your point being? > > > > That our users don't seem to care, and that probably is why we > > haven't done anything about it. > > Out of curiosity, how would a user /know/ whether a package has been built > via > a buildd rather than on a DD's local machine?
Everyone can check buildd.debian.org for the lack of a build log on a particular architecture for a given version. That's a fairly good indicator. -- Copyshops should do vouchers. So that next time some bureaucracy requires you to mail a form in triplicate, you can mail it just once, add a voucher, and save on postage. -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
