2010/6/25 Nicolás Alvarez <[email protected]>: > On 6/25/10, Matt Arsenault <[email protected]> wrote: >> You could have BOINC only run something it compiled itself from a signed and >> verified source. > > And you could also compile your own BOINC client without such check. > Client-side checks are never effective, especially since BOINC is open > source, but even if it wasn't. > > Besides, what you're suggesting would make BOINC violate the MilkyWay > license (GPLv3).
Why would shipping source code be a problem. Anyone could compile it under LLVM or GCC as an anonymous platform app. BOINC already refuses to run unsigned executables that it downloads. There's no reason it couldn't refuse automatic compilation of unsigned source. _______________________________________________ boinc_dev mailing list [email protected] http://lists.ssl.berkeley.edu/mailman/listinfo/boinc_dev To unsubscribe, visit the above URL and (near bottom of page) enter your email address.
