18Şub
Increasing trust in a downloaded binary
I'm building a tool and users will run it by downloading a binary. What I'm considering is good ways to secure this for the user. There's for me easy ways like "Recommend running this on a new temporary VM without internet access". I've added file hashes on recommendation but that's mainly theater.
Are there other ways to signal "yes, this binary is trustworthy" without making it open source so people could actually look?
Currently I'm only providing a linux version so there's no global code signing like for mac/win.
