On Wed, Oct 17, 2012 at 12:28:14PM -0400, Chris Knadle wrote: > On Tuesday, October 16, 2012 05:04:55, martin f krafft wrote: > > also sprach Holger Levsen <hol...@layer-acht.org> [2012.10.16.0945 +0200]: > > > > We have not cared enough for almost 20 years that 9 out of 10 binary > > > > packages in use (i386 until 2005, amd64 since then) are built on > > > > machines that are individually maintained according to widely > > > > varying security standards to do anything about it, AFAICT. > > > > > > your point being? > > > > That our users don't seem to care, and that probably is why we > > haven't done anything about it. > > Out of curiosity, how would a user /know/ whether a package has been built > via > a buildd rather than on a DD's local machine?
Everyone can check buildd.debian.org for the lack of a build log on a particular architecture for a given version. That's a fairly good indicator. -- Copyshops should do vouchers. So that next time some bureaucracy requires you to mail a form in triplicate, you can mail it just once, add a voucher, and save on postage. -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121017164514.gc22...@grep.be
