harrysintonen OP , 28 days ago @dolmen Many systems are based on #bootstrapping and #reproducableBuilds • https://bootstrappable.org/ • https://reproducible-builds.org/ • https://en.wikipedia.org/wiki/Bootstrapping_(compilers) These ensure that the build system integrity cannot be tampered with. One example of such system is https://openbuildservice.org/ Here's a great read on the topic from #SUSE : https://documentation.suse.com/sbp/server-linux/html/SBP-SLSA4/ Generally Supply-chain Levels for Software Artifacts (#SLSA) framework is a great resource on this topic: https://slsa.dev/ #cybersecurity #infosec
@dolmen Many systems are based on #bootstrapping and #reproducableBuilds • https://bootstrappable.org/ • https://reproducible-builds.org/ • https://en.wikipedia.org/wiki/Bootstrapping_(compilers)
These ensure that the build system integrity cannot be tampered with. One example of such system is https://openbuildservice.org/
Here's a great read on the topic from #SUSE : https://documentation.suse.com/sbp/server-linux/html/SBP-SLSA4/
Generally Supply-chain Levels for Software Artifacts (#SLSA) framework is a great resource on this topic: https://slsa.dev/ #cybersecurity #infosec