On 12/07/2011 01:25 PM, seth vidal wrote: > If I were going to use random vm's I'd want to: > 1. connect using ssh > 2. push over my own rpm/python/etc binaries > 3. checksum all the rest of the installed (and running) software > 4. verify those checksums versus my known good set > 5. THEN push over the pkgs to be built I'd say we need to be paranoid on this one and consider a tainted kernel where your own binaries would report A-OK on a rigged gcc because kernel has a special case for it. Test builds and QA might be OK, but nothing that results in shipped bits. -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
