On Sun, Sep 23, 2007 at 10:54:06PM +0100, Rui Miguel Silva Seabra wrote:
> Remember: OpenBSD still doesn't have a digitally signed code distribution,
> and in some places that means it can't enter! Stupid, I know, but not too
> stupid for the "blame game" rules, which sort of ignore the "secure by
> design" initiatives.
Sure it does, just pull from CVS over SSH and compile your own. Only
requires trusting one download, ever, and that can be verified by
downloading from n servers from m distinct network locations, and
verifying that the checksums match.
I do get what you are hinting at, but it's not an insurmountable issue.
Joachim
--
TFMotD: pflogd (8) - packet filter logging daemon
