Skip to content

Have bots sign snapshots #13254

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
brson opened this issue Apr 1, 2014 · 5 comments
Closed

Have bots sign snapshots #13254

brson opened this issue Apr 1, 2014 · 5 comments
Labels
A-security Area: Security (example: address space layout randomization).

Comments

@brson
Copy link
Contributor

brson commented Apr 1, 2014

cc #13252. In order to have increased confidence that any given Rust hasn't been MITMed we need to go all the way to the source and sign the binary snaps.
@thestinger thestinger mentioned this issue Apr 1, 2014
Closed
@brson brson mentioned this issue Dec 3, 2014
Closed
65 tasks
@steveklabnik
Copy link
Member

I believe we do this now, right @brson @edunham ? https://static.rust-lang.org/dist/staging/index.html has signatures

@alexcrichton
Copy link
Member

Currently we just sign nightlies, not snapshots unfortunately

@steveklabnik
Copy link
Member

Ah! Right.

@brson
Copy link
Contributor Author

brson commented Jul 6, 2015

The current thinking is that we will remove snapshots entirely and move to using nightlies for bootstrapping.

@alexcrichton
Copy link
Member

Done!

Well, snapshots are removed, so it's vacuously done

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
A-security Area: Security (example: address space layout randomization).
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@steveklabnik @alexcrichton @brson @thestinger