I understand the difference between %build and %check, as well as the problem
of this could be worked around by future actors. I would still like to
understand the potential as a building blocks for hardening.
Do you see a path for a hashing-like validation in the %check phase that could
be enabled by an additional run time parameter of the tool? This way, feature
is available to potential users, but not enabled by default?
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/3010#issuecomment-2063917625
You are receiving this because you are subscribed to this thread.
Message ID: <rpm-software-management/rpm/issues/3010/2063917...@github.com>
_______________________________________________
Rpm-maint mailing list
Rpm-maint@lists.rpm.org
http://lists.rpm.org/mailman/listinfo/rpm-maint
