Mailinglist Archive: opensuse-buildservice (284 mails)

< Previous Next >
[opensuse-buildservice] Re: How secure is openSUSE build service?
  • From: Guenter Dannoritzer <kratfkryksqq@xxxxxxxxxxxxx>
  • Date: Thu, 01 Nov 2007 00:39:30 +0100
  • Message-id: <fgb3ni$6o4$1@xxxxxxxxxxxxx>
Aniruddha wrote:
[...]

Is it just me or is this a giant step backwards? How can you trust a
project when everybody can upload files with no infrastructure to check
for malware? Even worse it is almost impossible to protect yourself
against rootkits.

Are there any future plans to set up an security infrastructure with
common rules for ensuring security?


You are getting a wrong perspective here. Any software can contain
malicious parts. The build service just provides a platform to create
RPM packages from open source code.

Would you trust a software, that you compile yourself from source on
your computer, more than a RPM package of that software that you got
from the build service? How would you tell that the source does not
contain malicious parts?

Cheers,

Guenter

---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-buildservice+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-buildservice+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups