Tollef Fog Heen <tfh...@err.no> writes: > ]] Jakub Wilk > >> What makes a buildd more secure than a machine of J. Random Developer? > > It has a smaller attack surface due to few users, firewalls, few > packages installed, nobody using it for browsing the web, etc.
We seem to be forgetting, that the real advantage of source-only uploads isn't necessarily security, but a controlled build environment on *all* architectures. There is sbuild, pbuilder and the rest, but there are still packages uploaded that are built in an unclean environment, thereby becoming broken in various interesting ways. Nevermind security, whether N buildds are more secure than 200N random systems scattered around the world - a controlled environment makes source-only uploads a win, without doubt. (Of course, there's the corner case of bootstrapping things, but that's a corner case, and should be handled as such, not as the norm.) -- |8] -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/87r4oy335m.fsf@algernon.balabit
