1 |
Andrew Gaffney wrote: |
2 |
> Ciaran McCreesh wrote: |
3 |
>> Andrew Gaffney wrote: |
4 |
>>> I'm not sure that's really a feasible solution (but then you probably |
5 |
>>> weren't suggesting it with that intention). Being able to create a |
6 |
>>> "backup" of any installed package without re-emerging is pretty |
7 |
>>> handy. Many people use it and there would be a revolt if quickpkg |
8 |
>>> were removed. |
9 |
>> |
10 |
>> Then live-filesystem-generated packages could be marked as 'not for |
11 |
>> redistribution'. |
12 |
> |
13 |
> That's certainly a lot more feasible. However, it would have to be marked |
14 |
> in some way that portage would recognize, and that marking could still |
15 |
> likely be easily removed. |
16 |
> |
17 |
It's more feasible than banning the creation of packages from a running |
18 |
system, that's true. The original solution doesn't seem so infeasible to me |
19 |
though.. I have a feeling this is more about an alternative bin format ;) |
20 |
|
21 |
> This still allows the social engineering attack. Someone can get a binpkg |
22 |
> created with quickpkg of someone else's baselayout and then remove the |
23 |
> marking that would make portage gripe. |
24 |
> |
25 |
Agreed. |
26 |
|
27 |
As a user, I'd much rather just be able to quickpkg whenever I choose, and |
28 |
know that the system will not allow sensitive files to be copied. Starting |
29 |
with /etc/shadow and the like is great by me, as I'm fairly sure there'll |
30 |
be a sensible plain-text config file I can edit by hand if I need to. If I |
31 |
were to allow such files to be copied, I'd like a warning. Yes I mess up |
32 |
sometimes, so what? I'm the user, it's expected ;p |
33 |
|
34 |
|
35 |
-- |
36 |
gentoo-dev@g.o mailing list |