[Buildd-tools-devel] Bug#270439: Bug #270439: failed or aborted
downloads aren't resumed or even checked for completeness
Kilian Krause
kilian at debian.org
Mon Mar 13 21:51:41 UTC 2006
Roger,
thanks for getting back to me after so long.
> The attached patch adds proper checking to downloaded sources. This
> applies to current CVS, or sbuild 0.42 and other recent versions.
Ok.
> The first hunk takes care of verifying already downloaded sources. If
> this fails, it downloads them again. This fixes the main issue.
Good.
> The second hunk verifies /all/ sources prior to a build. This has the
> effect of requiring all .dsc files to verify and be signed.
> Currently, we do allow unsigned .dsc files.
Yes...
> The second hunk changes the behaviour of sbuild, but does make it more
> secure.
> Comments?
Well, actually I'd say the second behaviour should be the correct new
default. It should be having a switch though to enable and disable it,
allowing admins requiring unsigned sources (e.g. from their local
archive) to retain their current behaviour. Probably the package should
either ask through po-debconf whether it's to be enabled system-wide or
just left disabled and left to the individual user to overwrite that
default.
--
Best regards,
Kilian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : http://lists.alioth.debian.org/pipermail/buildd-tools-devel/attachments/20060313/4b293ff9/attachment-0001.pgp
More information about the Buildd-tools-devel
mailing list