Re: Question about automated builder


On 01/28/11 09:32, Jakob Gruber wrote:
Another aspect of this is security. Right now, any dev / TU could
theoretically check in a correct PKGBUILD but upload a binary package
with *insert malicious content* in it to the repos with a very low
probability of anyone ever noticing. A (mandatory) central build server
could guarantee that the package is actually built with the specified
publicly available PKGBUILD.

I'm not a security expert so please call me out if I'm talking nonsense.

You have to trust all servers that are used for building. (And the servers need to collectively have enough processing power to build everything!) If we take random volunteers then it's not secure. But it can certainly help security in certain ways if done right.

~Isaac

