| 1 |
On Sun, 7 Sep 2003 19:07:03 +0000 |
| 2 |
Jan Krueger <jk@×××××××××××.net> wrote: |
| 3 |
|
| 4 |
> The notable difference is: |
| 5 |
> /usr/sbin/foo is not executed automaticly while emerge. |
| 6 |
|
| 7 |
You lack imagination: the bash scripts used by emerge are just |
| 8 |
as easy to corrupt using a src_install only ebuild. |
| 9 |
|
| 10 |
> On the other hand i try discuss on g-hardened how to detect malicious |
| 11 |
> code. |
| 12 |
|
| 13 |
Cryptographic signature as suggested by avenj would be a much more |
| 14 |
realistic approach here. Since I do my phd in the security-oriented |
| 15 |
program analysis domain, it breaks my heart to say that, but it's a |
| 16 |
fact. |
| 17 |
|
| 18 |
> > What is done in pkg_postinst is supposed to be good on every system. |
| 19 |
> For sure, Windows is supposed to be good on every system too. |
| 20 |
> However its deficencies make it from time to time a threat for the |
| 21 |
> internet: code red, nimda to name just 2 of them. |
| 22 |
|
| 23 |
I said "good", not "enough". I don't believe that src_postinst commands |
| 24 |
will make your server super secure, but only that they do things that |
| 25 |
are usefull and as safe as other parts of the ebuilds. |
| 26 |
|
| 27 |
> I see the potential for gentoo to join windows on its way to bring the |
| 28 |
> internet down. |
| 29 |
|
| 30 |
I withdraw what I've said, you do have imagination. :) |
| 31 |
That would be a nice success story though. |
| 32 |
|
| 33 |
-- |
| 34 |
TGL. |
| 35 |
|
| 36 |
-- |
| 37 |
gentoo-dev@g.o mailing list |
Archives