LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Safeguarding GNOME.org with an upload lockdown

Safeguarding GNOME.org with an upload lockdown

Posted Nov 24, 2011 12:41 UTC (Thu) by ovitters (subscriber, #27950)
In reply to: Safeguarding GNOME.org with an upload lockdown by liw
Parent article: Safeguarding GNOME.org with an upload lockdown

That is something I'd like to see, but not that easy as:
- tarball is more than just a tag from git
- ./autogen.sh and make dist have various dependencies; these aren't static
- we do this on a server, don't want to touch it
- sometimes make dist even creates a ChangeLog from git, etc

So though I'd like to see this, it is rather difficult. For short term security again it is easier to focus on something I can achieve.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds