On 18-Nov-08, at 2:24 PM, Jim Walker wrote:

> John Sonnenschein wrote:
>> My point is essentially that unless the source code is built by a controlled
>> system there's no way to verify that it is what the source code pointer says
>> it is, so it ought to be treated as an exception to the rule, which means
>> that someone trusted ought to be the submitter (or trusted by proxy) and the
>> default shouldn't be to accept the package. If there's a good reason to have
>> a pure binary, there's a reason and it can be accepted assuming the trust is
>> there.
>
> I agree to an automated build process to support this effort, and it so happens,
> I just reviewed such a process internally today that addresses this perfectly.
> But, it will take a little time to get it in place, and we need to move
> forward now, even if it is a little exposed and inefficient. That's why I
> included a procedure to update the processes.
>
> As far as trust is concerned, I would rather we start by trusting people.
> Geeks are some of the most trustworthy people on earth, and also some of
> the best at ferreting out the untrustworthy types via review.
>
> That said, if we change the /pending source code language to be the same as
> the /contrib language below, does it work?
>
> o The source code used to build the package must be referenced by  
> url or included, unless explicitly approved by the community by TWO  
> "+1" votes and NO "-1" votes after TWO non-weekend days

That would be acceptable. I'd still prefer the code to be built on an
internal machine such that we have an exact record, but I'm willing to
bend this far.

-JohnS

_______________________________________________
indiana-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/indiana-discuss
