On Fri, Sep 02, 2005 at 02:03:30PM +0200, Zlatko Michailov wrote:
> I think a public build server will resolve many unknowns. Imagine the build
> server only accepts a URL to the source tar ball. That URL is associated
> with the compiled RPM so that download users may verify the source URL.
> We'll also maintain a list of domain prefixes that the build server may use
> to get sources. Then it won't really matter who built the RPM - the source
> is verified and the build environment is trusted.

Sure? And what do you think will happen when you install a package with
trusted sources where the packager has put a "rm -rf /" into the
post-install script? If you wanted to try I could build such a package for
you.

Don't be naive! There is no method to automatically prevent you from
malicious code. Your best chances are to use your own brain. The best known
heuristics methods are to decide whether you trust the packager or not. This
can fail as well if your faith in the person was not justified but it is
still the best chance to survive.

The naive user will continue to download his viruses and Trojan horses.
There will never be a technical method to prevent him from that (unless his
ISP terminates his net connection).

Robert

--
Robert Schiele                 Tel.: +49-621-181-2214
Dipl.-Wirtsch.informatiker     mailto:[EMAIL PROTECTED]
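
Added example, not part of the original message: the scriptlets discussed above come from the package's spec file rather than from the source tarball, and `rpm -qp --scripts` prints them before anything is installed. The sketch below summarizes that output for manual review; the function name `scriptlet_report` and the sample text are constructed for illustration, and the single pattern check is only a pointer for the reader, not a substitute for reading the scriptlets.

```shell
#!/bin/sh
# Summarize RPM scriptlets so a human can review them before installing.
# Input: text in the format printed by `rpm -qp --scripts <package.rpm>`.
# Output: one line per scriptlet: name <TAB> non-empty lines <TAB> flag.

scriptlet_report() {
    awk '
        # Section headers look like: "postinstall scriptlet (using /bin/sh):"
        /^[a-z]+ scriptlet \(using [^)]*\):$/ {
            if (name != "") emit()
            name = $1; lines = 0; flag = "-"
            next
        }
        # Body lines of the current scriptlet (blank lines are skipped).
        name != "" && NF > 0 {
            lines++
            # Heuristic only: recursive rm aimed at an absolute path.
            if ($0 ~ /(^|[^a-zA-Z0-9_])rm[ \t]+-[a-zA-Z]*[rR][a-zA-Z]*[ \t]+\//)
                flag = "REVIEW"
        }
        function emit() { printf "%s\t%d\t%s\n", name, lines, flag }
        END { if (name != "") emit() }
    '
}

# Constructed sample in the shape of `rpm -qp --scripts` output.
SAMPLE='preinstall scriptlet (using /bin/sh):
getent group demo >/dev/null || groupadd -r demo

postinstall scriptlet (using /bin/sh):
/sbin/ldconfig
rm -rf /
'

printf '%s' "$SAMPLE" | scriptlet_report
# With a real package file: rpm -qp --scripts ./package.rpm | scriptlet_report
```

Every scriptlet that appears in the report runs as root at install or removal time, so each one needs to be read in full regardless of the flag column.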