https://sourceware.org/bugzilla/show_bug.cgi?id=30978

--- Comment #4 from Frank Ch. Eigler <fche at redhat dot com> ---
Note that the main problem with this sort of scheme is not the checksum
(whether CRC or a hash).  That part can help provide some assurance against
accidental corruption.  (Plus you'd need external checksums for source files,
which can't get additional ELF doohickeys inserted.

But you'd need crypto signatures on those hashes in order to protect against
deliberate corruption anywhere between the original build system and your
client.  That in turn requires distribution of crypto keys.  It goes well
beyond the objcopy stuff.

I'm not sure whether the debian ecosystem has started thinking about this
stuff, but when/if they do, debuginfod should be adaptable to pass on whatever
assurances are possible.

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Reply via email to