[Python-Dev] Status of packaging in 3.3
Vinay Sajip
vinay_sajip at yahoo.co.uk
Fri Jun 22 12:09:56 CEST 2012
Dag Sverre Seljebotn <d.s.seljebotn <at> astro.uio.no> writes:
> Well, but I think you need to care about the whole process here.
>
> Focusing only on the "end-user case" and binary installers has the flip
> side that smuggling in a back door is incredibly easy in compiled
> binaries. You simply upload a binary that doesn't match the source.
>
> The reason PyPI isn't one big security risk is that packages are built
> from source, and so you can have some confidence that backdoors would be
> noticed and highlighted by somebody.
>
> Having common standards for the binary installation phase would be great,
> sure, but security-minded users would still need to build from source in
> every case (or trust a 3rd party build farm that builds from source).
> The reason you can trust RPMs at all is because they're built from SRPMs.
Easy enough on Posix platforms, perhaps, but what about Windows? One can't
expect a C compiler to be installed everywhere. Perhaps security against
backdoors could also be provided through other mechanisms, such as signing of
binary installers.
Regards,
Vinay Sajip