[haiku-development] Re: Design for signed packages
- From: Jonathan Schleifer <js-haiku-development@xxxxxxxxxxx>
- To: haiku-development@xxxxxxxxxxxxx
- Date: Wed, 26 Mar 2014 21:37:29 +0100
Am 26.03.2014 um 21:32 schrieb Ingo Weinhold <ingo_weinhold@xxxxxx>:
> On 26.03.2014 04:13, Jonathan Schleifer wrote:
>> Am 25.03.2014 um 22:00 schrieb Rene Gollent <anevilyak@xxxxxxxxx>:
>>> +1, I frankly don't see the point of most of this myself, it's
>>> certainly not functionality I'd voluntarily use at least, or be
>>> willing to see enabled in a default build.
>>
>> So you really think it's better that the default is to download
>> unsigned binaries than to have signed packages?
>
> Rene is probably just too annoyed to reply. He was referring to Haiku
> implementing Secure Boot support (he quoted that part from my mail). How you
> make that about downloading unsigned binaries ...
>
>> So you basically
>> prefer remote code execution with full system access, because that's
>> what it basically is? Come on, you're not serious?
>
> ... and remote code execution is beyond me.
Oh, I mistook that for a comment about signing packages. Well, downloading and
executing unsigned packages is basically remote code execution. You execute
code from a remote without checking it. That's what I meant with that.
--
Jonathan
Other related posts:
