| 1 |
On Fri, 12 Jan 2007 06:38:23 +0900 Georgi Georgiev <chutz@×××.net> |
| 2 |
wrote: |
| 3 |
| I agree that if an ebuild wants to misbehave it can and there is no |
| 4 |
| stopping it. However, code that is executed in pkg_* is generally |
| 5 |
| restricted to code written by the person who is involved in |
| 6 |
| maintaining the ebuild. It is easy to read that code and see what it |
| 7 |
| does. In contrast, the stuff that is run with lowered privileges is |
| 8 |
| usually coded upstream. I'd like to have that run with lowered |
| 9 |
| privileges, no matter what. |
| 10 |
|
| 11 |
So you trust upstream to install arbitrary content on your computer, |
| 12 |
some of which may not be removed even when you uninstall the package, |
| 13 |
but you don't trust the package to compile with elevated privs, even |
| 14 |
when a Gentoo developer has carefully checked why userpriv is required? |
| 15 |
|
| 16 |
-- |
| 17 |
Ciaran McCreesh |
| 18 |
Mail : ciaranm at ciaranm.org |
| 19 |
Web : http://ciaranm.org/ |
| 20 |
Paludis, the secure package manager : http://paludis.pioto.org/ |
Archives