tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Updating plans of lang/ghc

From: David Holland <>
Subject: Re: Updating plans of lang/ghc
Date: Thu, 9 Jan 2014 19:24:34 +0000

>  > Well... I'm puzzled. Are you saying I have to prove that machines I
>  > used to build my kits were not trojanized by any means? Obviously I
>  > can't. No one on the earth can prove such things.
> No, only that you've taken reasonable (or equivalently, adequately
> paranoid) steps to be careful about securing the machines involved and
> not exposed the builds to known hazards.
> (Cloud hosting is one known hazard, for example, that's probably best
> avoided for any binaries like this.)

Okay. Here's an updated summary of my bootstrap kits:

* NetBSD/amd64, FreeBSD/i386, Darwin/ppc [SAFE]: These kits were built
  on my secured private machines under my exclusive control.

* Linux/amd64 [UNSAFE]: I built my kit for this one on a machine
  shared with my co-workers with root access.

* NetBSD/i386 [UNSAFE]: I built my kit for this one on an Amazon EC2
  instance (although it's private).

 - PHO -               
OpenPGP public key: 1024D/1A86EF72
Fpr: 5F3E 5B5F 535C CE27 8254  4D1A 14E7 9CA7 1A86 EF72

Attachment: pgp07siwZF9mT.pgp
Description: PGP signature

Home | Main Index | Thread Index | Old Index