[Bug 1020292] Review Request: bitcoin - Peer-to-peer digital currency

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



https://bugzilla.redhat.com/show_bug.cgi?id=1020292



--- Comment #55 from Simone Caronni <negativo17@xxxxxxxxx> ---
(In reply to Suvayu from comment #54)
> Unless Fedora can
> guarantee that the distributed binary will be identical to the upstream
> binary

This can never happen. Libraries, compilers, etc. will be different. Based on
the same logic there should be one and only Linux distribution that everybody
uses.

> or at least Fedora infrastructure will provide sufficient
> information to the user such that they can verify the Fedora packaged
> binaries aren't compromised, Fedora should not be including this in the
> repo.  Events since 2017 have shown this is an important concern.

This can be guaranteed by the various chain of trust (builders, package
signatures, etc.) and is easily verifiable. Putting this under doubt means
saying the distribution can not be trusted at all and any binary/pacakge in it
can be compromised easily.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are always notified about changes to this product and component
_______________________________________________
package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx




[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite Conditions]     [KDE Users]

  Powered by Linux