I don't really get it: how can I possibly protect others when the binaries I serve can potentially be malicious and I can potentially have malicious intentions?
Should I post checksums? Doesn't work:
- if I have malicious intentions, the checksums will match the malicious binaries.
- if the binaries get changed without me knowing, it means that the server got compromised, and the checksums shouldn't then be trusted either.
- if I post a link to SF, that won't help, since some users won't be able to access it and it could also be compromised.
Let's face it, if you're truly paranoid, you read the source and then you compile it. Oh wait, you'd need to compile gcc too.

If you have better ideas than the couple I exposed, I'm open. But I'd rather give no checksums than a false sense of security.
If you want to make an apple pie from scratch, you must first create the universe.