autoconf

Re: security vs. configure


From: Michael Still
Subject: Re: security vs. configure
Date: Mon, 23 Apr 2001 22:17:19 +1000

On Mon, 23 Apr 2001, Tom Holroyd wrote:

> On Mon, 23 Apr 2001, Michael Still wrote:
>
> > Autoconf could run gnupg / pgp (if present) after generating the configure
> > script and produce a checksum on the script. If this was a default action,
> > then it would increase the chance of developers having at least some
> > checksumming.
> >
> > It doesn't fix doubt over the intentions of the developer though.

...snip...

> What would be nice is if it were possible for configure to automatically
> check the signature or checksum.  Since that's hard to do on an unpacked
> archive, signed packages might go the "tarball inside a tarball" route,
> where the configure script actually unpacks the real tarball after
> checking the signature.
>
>       $ tar -xzf file_you_just_downloaded.tgz
>       $ cd project_dir_created_by_tar
>       $ ls
>       configure       project.tar     project.tar.asc
>
> with maybe a few README, INSTALL, COPYRIGHT, and other (non-executable,
> non-data) boilerplate files.  Then configure does all the integrity
> checking.

I don't like the tarball inside a tarball approach... This adds another
level of complexity and inconvenience for users, and I would think would
concern most developers as well.

Perhaps we're looking at this wrong -- at some point people need to say
that the user is responsible for their own security. If a simple system
can't be implemented to assist them, then perhaps they should be left on
their own.

Mikal

-- 
Michael Still (address@hidden)
  http://www.stillhq.com -- a whole bunch of Open Source stuff including PDF software...

"Grrrrrrr! I'm a volleyballing machine!"
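
The verify-then-unpack step from the quoted "tarball inside a tarball" proposal, as an added example that is not part of the original thread: a POSIX sh function that a configure-style wrapper could call on `project.tar` and `project.tar.asc`. The function name, the `GPG` override variable and the pinned-fingerprint argument are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). File names follow the quoted listing;
# verify_and_unpack, GPG and the fingerprint argument are hypothetical names.

GPG=${GPG:-gpg}   # overridable so the check can be exercised without a keyring

# verify_and_unpack TARBALL SIGNATURE EXPECTED_FPR DESTDIR
# Unpacks TARBALL into DESTDIR only if gpg accepts the detached signature
# and the signing key fingerprint equals EXPECTED_FPR. Non-zero otherwise.
verify_and_unpack() {
    tarball=$1 sig=$2 want_fpr=$3 dest=$4

    [ -f "$tarball" ] && [ -f "$sig" ] || {
        echo "missing $tarball or $sig" >&2
        return 2
    }

    # --status-fd 1 prints machine-readable "[GNUPG:] ..." lines on stdout;
    # the human-readable report goes to stderr and is discarded here.
    status=$("$GPG" --batch --status-fd 1 --verify "$sig" "$tarball" 2>/dev/null) || {
        echo "signature check failed for $tarball" >&2
        return 1
    }

    # VALIDSIG carries the signing key fingerprint as its first argument.
    got_fpr=$(printf '%s\n' "$status" |
        awk '$1 == "[GNUPG:]" && $2 == "VALIDSIG" { print $3; exit }')

    # A good signature from some other key in the keyring is still a failure.
    if [ -z "$got_fpr" ] || [ "$got_fpr" != "$want_fpr" ]; then
        echo "signature is not from the expected key" >&2
        return 1
    fi

    # Nothing is written to disk until both checks above have passed.
    mkdir -p "$dest" && tar -xf "$tarball" -C "$dest"
}
```

The script and the fingerprint it pins both arrive unsigned in the outer archive, so the check only helps when the expected fingerprint is confirmed through a separate channel.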



