20 lines
707 B
Markdown
20 lines
707 B
Markdown
# Deployment
|
|
|
|
|
|
## Risk: Binaries are replaced on the website with malicious ones
|
|
|
|
**Status: Partially-mitigated**
|
|
|
|
While this process is now mostly automated, should this automation ever be
|
|
compromised then there is nothing in our current process that would detect this.
|
|
|
|
We need:
|
|
|
|
* Reproducible Builds - we currently use public docker containers for all builds
|
|
which should allow anyone to compare distributed builds with ones built from source.
|
|
* Signed Releases - Open Privacy does not yet maintain a public record of staff
|
|
public keys. This is likely a necessity for signing released builds and
|
|
creating an audit chain backed by the organization. This process must be
|
|
manual by definition.
|
|
|