| 1 |
I grepped through portage today and it appears that there are a large |
| 2 |
number of ebuilds that abuse addwrite in bad (potentially dangerous) ways. |
| 3 |
|
| 4 |
I'll spare the list at this time and ask that anyone maintaining such an |
| 5 |
ebuild *please* try to fix it (patch, bug upstream, etc) so that it |
| 6 |
isn't required. This is both for the safety of gentoo users and for |
| 7 |
security. |
| 8 |
|
| 9 |
Pebenito has also started work on an SELinux based sandbox (does the |
| 10 |
same thing as sandbox, just limits it using SELinux domains for SELinux |
| 11 |
users). Since it wouldn't have the ability to do these arbitrary rule |
| 12 |
additions all these ebuilds would fail. |
| 13 |
|
| 14 |
Thanks |
| 15 |
|
| 16 |
Joshua Brindle |
| 17 |
|
| 18 |
-- |
| 19 |
gentoo-dev@g.o mailing list |
Archives