Re: Security lessons from liblzma - Mailing list pgsql-hackers

From Tom Lane
Subject Re: Security lessons from liblzma
Date
Msg-id 765065.1711900191@sss.pgh.pa.us
Whole thread Raw
In response to Re: Security lessons from liblzma  (Joe Conway <mail@joeconway.com>)
Responses Re: Security lessons from liblzma
List pgsql-hackers
Joe Conway <mail@joeconway.com> writes:
> I am saying maybe those patches should be eliminated in favor of our 
> tree including build options that would produce the same result.

I don't really see how that can be expected to work sanely.
It turns the responsibility for platform-specific build issues
on its head, and it doesn't work at all for issues discovered
after we make a release.  The normal understanding of how you
can vet a distro's package is that you look at the package
contents (the SRPM in Red Hat world and whatever the equivalent
concept is elsewhere), check that the contained tarball
matches upstream and that the patches and build instructions
look sane, and then build it locally and check for a match to
the distro's binary package.  Even if we could overcome the
obstacles to putting the patch files into the upstream tarball,
we're surely not going to include the build instructions, so
we'd not have moved the needle very far in terms of whether the
packager could do something malicious.

            regards, tom lane



pgsql-hackers by date:

Previous
From: Bharath Rupireddy
Date:
Subject: Re: New Table Access Methods for Multi and Single Inserts
Next
From: Devrim Gündüz
Date:
Subject: Re: Security lessons from liblzma