Haha, unlucky fags

archives.gentoo.org/gentoo-announce/message/dc23d48d2258e1ed91599a8091167002

Haha, unlucky fags.

Attached: 3e5447c43e90fcb60c59586dc21fe988376851d13104874f53f773374ae31bc3.jpg (538x491, 30K)

Other urls found in this thread:

archive.fo/SvFJ2
twitter.com/AnonBabble

Hmm. I wonder if this means the end of the install gentoo meme.

literally nothing

Not if people were using github to merge new software.

OH NO NO NO NO

Did you even read the announcement?

The ending of grsec kernel patches and thus pointlessness of hardened gentoo should have been reason enough to abandon that meme.
Now only OpenBSD or seL4 are the only sane OS suggestions.

For some reason gentoo has this github and hosts software on it that they admit to. If for any reason someone has downloaded and used that software, it's possible it could be affected. I don't know what the software is, but they do and whoever downloads and uses it also does.

Cucked?

*is

The only point of that repo is for browsing the repository and submiting PRs. There's a seperate github account and repos for if you actually wanted to sync via git.
Just because somone was being racist, closing PRs, and force pushing some code on third party infrastructure I'm not going to pretend it's the end of the world. It's not like he was being stealthy or anything.

What else would you expect from a distribution that doesn't sigh it's packages. You could expect more security when downloading random warez from torrents rather than syncing any of gentoo's repos.

It doesn't matter about being stealthy. It matters about making a cause and reaping what it is.

l
o
l

Let me clear this up because you cleary don't understand how this works. Every package has a Manifest file listing all the hashes of the ebuilds and other files related to that package such as patches. The category the patch is in has a compressed manifest file (Manifest.gz) which contains the hash of all the manifest files for each package of the category. In the root directory there is another compressed manifest file (Manifest.files.gz) which contains a hash of every manifest file of each category. Finally in the same directory as that there is a uncompressed Manifest file which contains the hash of Manifest.files.gz and is signed with the "Gentoo Portage Snapshot Signing Key (Automated Signing Key)".
This setup allows the whole entire repository to be verified by attaching a signature to a single manifest file.

Serves them right for trusting microcuck

Install funtoo ;^)

Literally nothing.

It's less about what the ebuilds do and more how this guy got in.

I wonder who could be behind this

archive.fo/SvFJ2


What an amateur.

At least Gentoo's main code repo is self-hosted.

Going to add in that the reason why rm -rf / doesn't work is that there is a sandbox running which will terminate the build if it's writes to a file or something like that outside of the working directory.

OP literally linked to an archive, so why are you complaining about no archive?

Repeat the results you nitwit.

See and do that for yourself

It's literally nothing.
Gentoo has little to do on Github.