On Tue, Nov 18, 2008 at 02:58:10PM -0800, John Sonnenschein wrote: > On 18-Nov-08, at 2:49 PM, Alan Coopersmith wrote: > >And using only compilers and CPU's that have somehow been certified? > > > >http://cm.bell-labs.com/who/ken/trust.html (summarized briefly at > >http://en.wikipedia.org/wiki/Backdoor_(computing)#Reflections_on_Trusting_Trust > > > > ) > > Are you arguing that because we can't have 100% trust we should just > trust everything always no matter what?
No, no one is arguing that. We should have enough meta-data that we can all make our own choices w.r.t. what/whom to trust. Not that that's manageable in the face of 100K pkgs, though it may be manageable for the pkgs one user installs and uses. In the long term we need TX/FLASK/FMAC. Nico -- _______________________________________________ indiana-discuss mailing list [email protected] http://mail.opensolaris.org/mailman/listinfo/indiana-discuss
