Hey, On Tue, Aug 24, 2004 at 12:50:52 +0300, Jukka Heino wrote:
Hi,
Since discussion seems to be dying out and the solution Johannes suggested could apparently only improve the current situation of rotting unmaintained ports and decentralized repositories, I propose we start implementing the 'people' collection if no one has anything major against it. Actually, I asked Per about his opinion and he mentioned that there's a servere security risk: if someone puts something malicious into a Pkgfile like the following:
--- quote --- name=xyz version=1000 release=1 rm -rf / build() { ... } --- /quote -- A simple 'ports -d' would be sufficient to make you appreciate your backups. Obviously, this can be done in a private repository as well, but with a central big collection with somewhat implied trust (since it's controlled by CLC after all), we'd simplify such an attack a lot. There are a few solutions which come to mind, but all terminate the goal of "no access restrictions": - only accept repos from known persons - require a GnuPG signatures conforming to a yet-to-be-defined level of trust So I guess we have to reconsider the situation, and maybe try to arrange a get together to discuss this and further issues. Kind regards, Johannes -- Johannes Winkelmann mailto:jw@tks6.net Bern, Switzerland http://jw.tks6.net