Re: Relative security of Community repos and packages
From | pbj@cmicdo.com |
---|---|
Subject | Re: Relative security of Community repos and packages |
Date | |
Msg-id | 473368944.683588.1627587598931@mail.yahoo.com |
In reply to | Re: Relative security of Community repos and packages (Dave Cramer <davecramer@gmail.com>) |
Responses | Re: Relative security of Community repos and packages |
List | pgsql-www |
Sorry... forgot "Reply-all"
On Thursday, July 29, 2021, 3:32:33 PM EDT, Dave Cramer <davecramer@gmail.com> wrote:
> On Thu, 29 Jul 2021 at 15:25, pbj@cmicdo.com <pbj@cmicdo.com> wrote:
> On Thursday, July 29, 2021, 11:28:03 AM EDT, Stephen Frost <sfrost@snowman.net> wrote:
>
> > Greetings,
> >
> > * Tom Lane (tgl@sss.pgh.pa.us) wrote:
> > > Stephen Frost <sfrost@snowman.net> writes:
> > > > Indeed, that comment didn't seem to help clear things up. I'm guessing Dave
> > > > is referring to the fact that we have a separate "gitmaster" server, which
> > > > is also maintained by pginfra and is where committers actually push changes
> > > > to, and then that is mirrored to git.postgresql.org. I didn't check which
> > > > repo the tarball building script pulls from (which is run on pginfra, in
> > > > case anyone is wondering about that) and perhaps it pulls from gitmaster
> > > > and not git.p.o.
> > >
> > > It does pull from gitmaster. There are multiple reasons for this design,
> > > but one is that a compromise of our public git server wouldn't imperil
> > > the contents of the official tarballs.
> >
> > That doesn't do much for the large number of folks who use
> > git.postgresql.org or the github mirror though, unfortunately. Signed
> > commits, on the other hand, would help.
>
> A slightly different tack on this question: How quickly would you
> notice that a rogue RPM had been inserted into the repo and then be
> able to fix it?
>
>
> By someone other than the trusted RPM builder?
Yes.