On 18.02.2012 10:11, Teus Benschop wrote:
> To put things in perspective, I just wonder how strong this 'fortress' really is, and whether this strength is only in our perception or whether it is real. Let me give just one example: A developer downloads a tarball from an upstream source, configures it, and does make install, yet has not even once checked whether this tarball is secure or is not a root kit.
This is true but...

a) this would be a general attack against all people, which is usually a tiny bit harder to do than the local sysadmin just hacking colleagues..

b) as everyone is affected then (all users of the package),... there is a greater chance of notifying it

most important...

c) the ideal situation would of course be, that the maintainer has a good relationship to upstream, perhaps even met them in person, exchanged OpenPGP keys with them and uses those (or weaker means[0]) to verify every single download.
Cheers,
Chris.
[0] Some projects secure their sites e.g. with X.509 certs by one of the commercial CAs.... I guess this is better than nothing, but many recent cases have shown us that the whole strict hierarchical trust model by X.509 is basically for trash.
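The verification step in (c), as an added shell example that is not part of this thread: it checks a detached signature against a keyring holding only the exchanged upstream key and, instead of trusting gpg's exit status alone, requires the signing key's fingerprint to match one pinned after the key exchange. The tarball, signature and keyring file names and the fingerprint values are placeholders.

```shell
#!/bin/sh
# Added example (not from the thread): verify an upstream tarball against a
# pinned OpenPGP fingerprint. Placeholders: foo-1.0.tar.gz, foo-1.0.tar.gz.asc,
# upstream-keyring.gpg (built from the key exchanged with upstream), and PINNED_FPR.
set -eu

# Fingerprint the maintainer pinned after exchanging keys in person (placeholder value).
PINNED_FPR="0000000000000000000000000000000000000000"

# Return 0 only if gpg's machine-readable status output (read from stdin) contains a
# VALIDSIG line made by the pinned key. The exit status alone is not enough: gpg exits 0
# for a good signature by *any* key in the keyring, and the short/long key ID printed in
# GOODSIG is not a safe identifier, so compare the full fingerprint instead.
# Argument 1: pinned fingerprint (40 hex digits, upper case as gpg prints it).
status_has_pinned_sig() {
    pinned=$1
    while read -r prefix keyword fpr rest; do
        [ "$prefix" = "[GNUPG:]" ] || continue
        if [ "$keyword" = "VALIDSIG" ]; then
            # When the signature was made by a subkey, modern gpg appends the primary
            # key fingerprint as the last field; accept a match on either.
            primary=${rest##* }
            if [ "$fpr" = "$pinned" ] || [ "$primary" = "$pinned" ]; then
                return 0
            fi
        fi
    done
    return 1
}

# Full check: detached signature, a keyring containing only the upstream key
# (not the default keyring, which may hold many unrelated keys), pinned fingerprint.
# Returns non-zero if the signature is bad, missing, or made by any other key.
verify_tarball() {
    tarball=$1; sig=$2; keyring=$3; pinned=$4
    gpg --no-default-keyring --keyring "$keyring" --status-fd 1 \
        --verify "$sig" "$tarball" 2>/dev/null | status_has_pinned_sig "$pinned"
}

# Usage (placeholder file names):
# verify_tarball foo-1.0.tar.gz foo-1.0.tar.gz.asc upstream-keyring.gpg "$PINNED_FPR" \
#     || { echo "signature check failed, refusing to build" >&2; exit 1; }
```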