[lsb-discuss] [Webdevel] Key for signing downloadable printer driver packages
Theodore Tso
tytso at mit.edu
Thu Oct 9 14:11:38 PDT 2008
On Thu, Oct 09, 2008 at 10:49:55PM +0200, Martin Pitt wrote:
>
> openprinting.org already goes into the right direction by offering a
> separate repository for each driver, so the repos can be enabled
> individually depending on which driver the user wants.
>
Not that I want to dissuade distributions from trusting Linux
Foundation staff :-), but does the separate repository really provide
enough of a benefit to be worth the annoying to the end user of
determining which repo's they need to enable?
Without the fine-grained access controls, what would happen if a bad
guy breaks into an external third party repository, and drops in a
package for sshd with a higher version number? If instead of one
repository, you have 100 repositories, it would be annoying for end
users to figure out which one of the 100 repositories they need to
enable for their printer(s), and the cost to the attacker is they
might have install 99 hard links. :-)
Maybe the right answer is we have a master repository which we can
offer the distro's to mirror, with perhaps a weekly or monthly update
cycle, and the distro's can do what ever quality checking their
professional paranoids decide is necessary before they rebroadcast out
to their customers? We'd still need to have signing keys, of course,
but the question what we need to do in order to assure that distro's
will be willing to consume our drivers.
- Ted
More information about the lsb-discuss
mailing list