Scott Kitterman <deb...@kitterman.com> writes:

> Do you have any examples of problems that this would have avoided
> (xz-utils isn't one - due to the way its releases are done, it
> wouldn't be suitable for tag2upload)?
I'm somehow reminded of Ignaz Semmelweis's attempts to improve medical hygiene by getting doctors to emulate the local midwives, who scrubbed their hands between patients, whereas the doctors generally didn't, and would alternate between performing autopsies and attending deliveries. I'd guess someone may well have pushed back against that, thus: Can you name a single patient who has suffered as a result of existing practice?

If I stretch that metaphor (possibly beyond breaking point), then one might think of our developers' laptops as the (potentially infected) cadavers, the newly uploaded source packages as the live births, and our tooling as the doctors' hands that may carry the infectious material from one to the other.

I hope that we've been lucky enough to not actually have any of the relevant "infections" in the population of laptops that produce our packages, but would it not be wise to make it more difficult for such an infection to be silently transmitted?

People state that a compromised machine can as easily commit malicious code to git as it could insert it into a source package, but the difference is that the malicious commit then needs to be pushed in order to work, exposing it to examination. In our metaphor perhaps the git commit step would equate to requiring doctors to touch a new Petri dish before each patient, which would at least record what was going on, and might give the opportunity to deal with the situation before real harm is done.

Cheers, Phil.
-- 
Philip Hands -- https://hands.com/~phil