Le mercredi 07 décembre 2011 à 10:36 -0500, seth vidal a écrit :
I've looked into spawning virt instances to do building and it
is
pretty doable. The problem with them being offered by volunteers is
trust:
1. how do we trust the initial installation hasn't been poisoned unless
we ship all the bits over ourselves.
2. how do we trust the in-flight build isn't molested
3. how do the people providing the trust insure against
tainted/dangerous builds doing $bad_things on their systems.
this is why I concluded that the idea of donated/volunteered VM was not
going to work - additionally b/c the bandwidth requirements are
non-trivial for many builds.
Concerning trust, the classic way it has been solved before (by seti…)
is to farm the same build to several independant nodes, cheksum results
and make sure they all agree
Of course that supposes builds are strictly reproductible (centos folks
would love this) and that makes the system a lot less efficient. But
then, trust has a price too
--
Nicolas Mailhot