Re: Redistributing refs from multiple origins in a single repository



On Tue, 2017-05-30 at 15:31 +0100, Philip Withnall wrote:

So you’re saying that every bit of
OSTREE_STATIC_DELTA_SUPERBLOCK_FORMAT is represented in the
reconstructed ‘to’ commit?

Yes, recursively at least (i.e. including the other objects it
creates). It is after all automatically generated by (e.g.) ostree
static-delta generate, which takes no real additional information other
than the commit id.


Regardless of the format of origin IDs, the .flatpakrepo and
.flatpakref formats should acquire a new key to specify the
repository’s origin ID. This would make the remote name argument to
`flatpak remote-add` optional.

This last sentence is a bit unclear. We could already generate a remote
name if we wanted. For instance from the basename of the flatpakrepo
file. However, the reason we don't is that the remote name is a point
of trust in the system, and some shady flatpakrepo file could claim to
be the remote called "official-firefox" or something. To avoid this the
user is always in control of that.

I’m not sure how the remote name is supposed to function as a point of
trust in the system. Am I right in thinking you’re trying to prevent
the situation where the user downloads a .flatpakref file for a new
game (for example) from a third-party website; but it secretly
configures an ‘official-firefox’ repository and starts listing fake
Firefox versions in gnome-software?

To mitigate that risk you don’t need to make the user type out the
remote name; they just need to be asked to validate it. And then
gnome-software needs to make sure to make the remote obvious when
installing software.

Yes, validation would work too. That's what we use when automatically
adding a remote for the runtime repo when installing from a
flatpakrepo. But we can't silently add remotes.

-- 
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 Alexander Larsson                                            Red Hat, Inc 
       alexl redhat com            alexander larsson gmail com 
He's a lonely small-town boxer with a mysterious suitcase handcuffed to 
his arm. She's a virginal bisexual widow from aristocratic European 
stock. They fight crime! 

