| 1 |
Andrew Gaffney wrote: |
| 2 |
> Ciaran McCreesh wrote: |
| 3 |
>> Andrew Gaffney wrote: |
| 4 |
>>> I'm not sure that's really a feasible solution (but then you probably |
| 5 |
>>> weren't suggesting it with that intention). Being able to create a |
| 6 |
>>> "backup" of any installed package without re-emerging is pretty |
| 7 |
>>> handy. Many people use it and there would be a revolt if quickpkg |
| 8 |
>>> were removed. |
| 9 |
>> |
| 10 |
>> Then live-filesystem-generated packages could be marked as 'not for |
| 11 |
>> redistribution'. |
| 12 |
> |
| 13 |
> That's certainly a lot more feasible. However, it would have to be marked |
| 14 |
> in some way that portage would recognize, and that marking could still |
| 15 |
> likely be easily removed. |
| 16 |
> |
| 17 |
It's more feasible than banning the creation of packages from a running |
| 18 |
system, that's true. The original solution doesn't seem so infeasible to me |
| 19 |
though.. I have a feeling this is more about an alternative bin format ;) |
| 20 |
|
| 21 |
> This still allows the social engineering attack. Someone can get a binpkg |
| 22 |
> created with quickpkg of someone else's baselayout and then remove the |
| 23 |
> marking that would make portage gripe. |
| 24 |
> |
| 25 |
Agreed. |
| 26 |
|
| 27 |
As a user, I'd much rather just be able to quickpkg whenever I choose, and |
| 28 |
know that the system will not allow sensitive files to be copied. Starting |
| 29 |
with /etc/shadow and the like is great by me, as I'm fairly sure there'll |
| 30 |
be a sensible plain-text config file I can edit by hand if I need to. If I |
| 31 |
were to allow such files to be copied, I'd like a warning. Yes I mess up |
| 32 |
sometimes, so what? I'm the user, it's expected ;p |
| 33 |
|
| 34 |
|
| 35 |
-- |
| 36 |
gentoo-dev@g.o mailing list |
Archives