tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yoav Shapira" <yo...@apache.org>
Subject Re: Binary build procedures
Date Tue, 23 May 2006 14:52:52 GMT
Mark,
The binary distributions are handled with the same security
precautions as the source ones.  Each distribution file is accompanied
by its MD5 checksum and is PGP-signed by the release manager.

The MD5 checksums, PGP signatures, and KEYS files (available with the
distro as well as on the main download pages) are all unmirrored,
residing only on the original apache.org servers.  So in addition to
the security granted by MD5 and PGP, someone would have to hack
apache.org and modify those very files in order to get you to trust
the release.  I'm not aware of that ever happening in the past.

Besides noting that the security for source distros (which you already
trust) are the same as binary distros, I'd further note that these
procedures are standard across the Foundation (i.e. Tomcat doesn't do
anything special here), and as such have been devised, verified, and
are monitored by a number of folks who know a whole lot more than I do
about distro integrity.

Finally, if you still don't trust binaries but do trust sources, you
always have the option of grabbing the latter distro and building the
binary yourself ;)

Yoav

On 5/23/06, Mark Claassen <mclaassen@ocie.net> wrote:
>
> My boss has implemented some new procedures with regard to open source
> projects.  He believes the source distributions are trustworthy, but he is
> not sure if he trusts the binary distributions.  I think the reasoning is
> that he is uncertain if the binary distributions are controlled as well as
> the source ones are.  And if they are not, someone could inject some
> malicious code to expose customer data or something.
>
> Can someone give me a brief explanation on how the binary distributions are
> created for 5.5?  Are the binary distributions created automatically from
> the repository, leaving no chance for nefarious tampering?
>
> Thanks,
> Mark
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: dev-help@tomcat.apache.org
>
>


-- 
Yoav Shapira
Nimalex LLC
1 Mifflin Place, Suite 310
Cambridge, MA, USA
yoavs@computer.org / www.yoavshapira.com

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message