Dennis E. Hamilton wrote on Mon, Apr 29, 2013 at 10:31:14 -0700:
> 5. This is sufficient to poison a download mirror site with
> a counterfeit download so long as the ASC, SHA1, and MD5 locations
> can also be spoofed without the user noticing.
Right. The normal answer here is "They will have to commit to the dist/ repository, which will cause a post-commit mail which someone will notice".

I'd be interested in hearing (on infra-dev@) how you break this without assuming a mirror gets compromised (if _that_ happens, it's game over for users who don't verify PGP sigs).

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@openoffice.apache.org
For additional commands, e-mail: dev-h...@openoffice.apache.org
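As an added illustration of the point made in the reply above (this is not code from the thread or from the OpenOffice project), the Go program below models a download mirror that serves a tarball together with its .md5, .sha1 and .asc files. It uses Ed25519 from the Go standard library in place of OpenPGP, constructed sample bytes in place of a real release, and hypothetical names chosen here (Mirror, publish, VerifyByMirrorChecksums, VerifyBySignature, Scenario). It walks through three cases: an honest mirror, a mirror where only the tarball was swapped (the side files still reflect what was committed to dist/), and a fully poisoned mirror where the attacker also rewrote the checksums and re-signed with their own key.

```go
package main

import (
	"crypto/ed25519"
	"crypto/md5"
	"crypto/rand"
	"crypto/sha1"
	"encoding/hex"
	"fmt"
)

// Mirror models the set of files a download mirror serves for one release
// artifact: the tarball and the .md5, .sha1 and .asc that sit beside it.
type Mirror struct {
	Artifact []byte
	MD5      string // hex digest of Artifact, as in a .md5 file
	SHA1     string // hex digest of Artifact, as in a .sha1 file
	ASC      []byte // detached signature over Artifact (Ed25519 here, standing in for OpenPGP)
}

// publish produces the files a release manager (or an attacker who controls
// the mirror) puts next to a tarball, signed with whatever key they hold.
func publish(artifact []byte, signer ed25519.PrivateKey) Mirror {
	m5 := md5.Sum(artifact)
	s1 := sha1.Sum(artifact)
	return Mirror{
		Artifact: artifact,
		MD5:      hex.EncodeToString(m5[:]),
		SHA1:     hex.EncodeToString(s1[:]),
		ASC:      ed25519.Sign(signer, artifact),
	}
}

// VerifyByMirrorChecksums is what a user does when the .md5/.sha1 come from
// the same mirror as the tarball. It proves only that the files agree with
// each other; anyone who can write all of them can make it pass.
func VerifyByMirrorChecksums(m Mirror) bool {
	m5 := md5.Sum(m.Artifact)
	s1 := sha1.Sum(m.Artifact)
	return hex.EncodeToString(m5[:]) == m.MD5 && hex.EncodeToString(s1[:]) == m.SHA1
}

// VerifyBySignature checks the detached signature against a public key obtained
// out of band (the project's KEYS file on the canonical host, never the mirror).
func VerifyBySignature(m Mirror, trusted ed25519.PublicKey) bool {
	return ed25519.Verify(trusted, m.Artifact, m.ASC)
}

// Outcome records what each check says in each situation.
type Outcome struct {
	GenuineChecksums  bool // honest mirror, checksum check
	GenuineSignature  bool // honest mirror, signature check
	SwappedChecksums  bool // only the tarball replaced; side files still genuine
	PoisonedChecksums bool // tarball and all side files replaced, checksum check
	PoisonedSignature bool // tarball and all side files replaced, signature check
}

// Scenario plays out the thread's threat model with constructed sample data.
func Scenario() (Outcome, error) {
	var o Outcome
	releasePub, releasePriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return o, err
	}
	_, attackerPriv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return o, err
	}

	// Constructed sample bytes; a real run would read the files from disk.
	genuine := publish([]byte("genuine release tarball (constructed sample bytes)"), releasePriv)
	counterfeit := []byte("counterfeit tarball with extra payload (constructed sample bytes)")

	o.GenuineChecksums = VerifyByMirrorChecksums(genuine)
	o.GenuineSignature = VerifyBySignature(genuine, releasePub)

	// Attacker replaces the tarball but cannot touch the side files (they were
	// committed to dist/ and a change would trigger the post-commit mail):
	// the mirror's own checksums still describe the real release, so the swap shows.
	swapped := genuine
	swapped.Artifact = counterfeit
	o.SwappedChecksums = VerifyByMirrorChecksums(swapped)

	// Attacker controls the whole mirror directory and re-signs with their own
	// key: every mirror-hosted file agrees with the others, and only the key
	// fetched from outside the mirror exposes the substitution.
	poisoned := publish(counterfeit, attackerPriv)
	o.PoisonedChecksums = VerifyByMirrorChecksums(poisoned)
	o.PoisonedSignature = VerifyBySignature(poisoned, releasePub)
	return o, nil
}

func main() {
	o, err := Scenario()
	if err != nil {
		panic(err)
	}
	fmt.Printf("%+v\n", o)
}
```

Run it with `go run`. The only check that rejects the fully poisoned mirror is the one whose key came from a place the mirror operator cannot write, which is why the reply treats a compromised mirror as game over for anyone who stops at the .md5/.sha1 files.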