On Mon, Jul 14, 2008 at 07:30:10PM +0200, Hans Witvliet wrote:
On Mon, 2008-07-14 at 03:14 +0200, Carlos E. R. wrote:
But Repos usually are signed, and in addition to the above you have to convince the masses that the key should be imported and trusted.
Just create a repo with a signature with the intention from the start to pervert it. It is signed, so what? There is no strong web of trust in the pgp sense (face to person signing of keys).
About convincing the masses to import the key, that's easy enough: once you want to add a repo, you just press enter when yast asks about importing the key. What do you expect? How can we manually import each key and whom do we ask if each repo (there are hundreds) is trustworthy? How do we know who is behind and responsible for each repo? Where are the descriptions of each repo, a declaration of intentions, a list of owners?
No, we simply search for a repo that contains what we want (with a search engine, perhaps), add it, answer yes to all questions. Bingo! F!
I'm not telling there is inmediate danger, but that there could be. It scares me more than viruses, that's a fact.
Yes, i agree, It's easy to create a repo. (well, atleast the administrative part of it, not the creating of a properly functioning spec-file)
But what do you suggest? You cann't ask the people of SuSE to check and re-check the content of the OBS for each and every repo.
web-of-trust for email is one thing, doing the same for a repo is quite something else... A job-interview with AJ, Stephan or Marcus before they get entrance to the OBS? Don't think so.
Perhaps a treshold can be the place of the code in the obs: 1) under repo/home:/<any-joker> not to be trusted 2) anywhere else : can be trusted
And if you consider your projcet that usefull/important for the world, you have to explain it to the maintainers of the obs, and they can check the code before giving you access to the "trusted parts" of the OBS.
We have currently one student working on this notion of trust, but it is a very difficult topic to model and to make correct working. Ciao, Marcus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org