Hello On Tue, Jul 3, 2018 at 9:33 AM, Virgil Dupras <vdup...@gentoo.org> wrote: > Hi everyone, > > With the recent Github incident, users have (rightfully) voiced concerns > about the security of their Gentoo ebuild tree. Luckily, thanks to recent > efforts on the repository verification feature, we can answer "yes, it's > possible to update your ebuild tree in a convenient and secure manner", but > documentation about how to do it is not readily available. I've seen some of > these questions only partially answered due to our own lack of knowledge on > this subject as developers. > > To fix this, I've been working, in the last few days, on a new "Portage > Security" wiki page [1] that aims to guide the user to a secure setup and > dispel doubts about the security of their setup. I would invite you to start > pointing users to it when they ask questions on this matter. > > I'm not a very experienced developer and this has been written with the > little knowledge I have, so I invite you to review and correct it if needed.
I think is a nice idea :) ++ -- Thanks, Alice Ferrazzi Gentoo Kernel Project Leader Gentoo Foundation Vice-Secretary Gentoo Google Summer of Code Administrator Mail: Alice Ferrazzi <ali...@gentoo.org> PGP: 2E4E 0856 461C 0585 1336 F496 5621 A6B2 8638 781A
