[Fedora-packaging] Re: No pre-built applications rule

Rex Dieter rdieter at math.unl.edu
Sun Sep 17 17:01:46 UTC 2006

Paul wrote:
> Hi,
>> It's come to my attention that we don't have a "Packages must be built
>> from source, no precompiled binaries" rule in the current guidelines.  I
>> think this is an oversight as the Binary Firmware section:
>> http://www.fedoraproject.org/wiki/Packaging/Guidelines#BinaryFirmware
> I have a problem with that and it's called ikvm (one of the mono
> packages). It cannot be built from source as FE or FC doesn't have the
> bits in yet (I looked into it a while back, but it's beyond my knowledge
> to do things with java stuff that needs bringing in). The package that
> was accepted is prebuilt.

Building from source (also) brings a certain level of trust to the
built-binary, which you don't necessarily have when using prebuilt
binaries (from potentially untrusted sources).  In general, for this
reason alone, I think it's not a good idea to accept prebuilt binaries.

-- Rex

More information about the Fedora-packaging mailing list