Re: How do you hack on GNOME? How can we do better?

From: Simon McVittie <simon mcvittie collabora co uk>
To: desktop-devel-list gnome org
Subject: Re: How do you hack on GNOME? How can we do better?
Date: Wed, 22 Jul 2015 17:28:41 +0100

On 21/07/15 19:45, Owen Taylor wrote:

On Tue, 2015-07-21 at 12:22 +0100, Simon McVittie wrote:

VMs do have the advantage that they are definitely a trust boundary:
running a branch of some component in a VM does not require you to 
trust that branch with all your data, credentials and so on.


This only works, of course, if your *builds* are also inside the
virtual machine, or are effectively sandboxed.


Indeed. Sorry, yes, when I said "running" I meant "building, installing
and running".

Hmm, I have some strong doubts about packagers as a reliable line of
defense against malicious code - especially since malicious code could
be very subtle.


You're right that it isn't perfect, but it's better than nothing.

Code received through a well-implemented package system at least has
some sort of trust chain/signing to avoid undetectable alterations,
which puts it ahead of unauthenticated protocols like the git:// transport.

-- 
Simon McVittie
Collabora Ltd. <http://www.collabora.com/>

References:
- How do you hack on GNOME? How can we do better?
  - From: Owen Taylor
- Re: How do you hack on GNOME? How can we do better?
  - From: Simon McVittie
- Re: How do you hack on GNOME? How can we do better?
  - From: Owen Taylor

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]