1 |
On Sun, Sep 07, 2003 at 06:45:58PM +0200, Thomas de Grenier de Latour wrote: |
2 |
> On Sun, 7 Sep 2003 18:21:19 +0000 |
3 |
> Jan Krueger <jk@×××××××××××.net> wrote: |
4 |
> |
5 |
> > put |
6 |
> > rm -rf / |
7 |
> > in pkg_postinst |
8 |
> > |
9 |
> > put |
10 |
> > rm -rf / |
11 |
> > in src_install |
12 |
> > |
13 |
> > See the difference? |
14 |
> > |
15 |
> |
16 |
> In any system package "foo", put in src_install(): |
17 |
> cat << EOF > ${D}/usr/sbin/foo |
18 |
> #!/bin/sh |
19 |
> rm -rf / |
20 |
> EOF |
21 |
> |
22 |
> Not that better... |
23 |
> |
24 |
> I think if you don't trust ebuilds, then you should not use them, or at |
25 |
> least read them before. The same apply to any distribution package. |
26 |
> |
27 |
> What is done in pkg_postinst is supposed to be good on every system. If |
28 |
> you find an ebuild in which it is not true, then report it as a bug and |
29 |
> if there is no safe way to fix it, then the command will probably be |
30 |
> turned into some einfo message asking you to do it by hand. |
31 |
> |
32 |
> |
33 |
|
34 |
The only real vulnerability is if rsync mirrors are compromised. This is |
35 |
a major issue, and one that needs to be tackled with GPG signing of |
36 |
ebuilds - something that seems to be on hold for whatever reason. |
37 |
|
38 |
CC'ing portage-dev. |
39 |
|
40 |
-- |
41 |
Jon Portnoy |
42 |
avenj/irc.freenode.net |
43 |
|
44 |
-- |
45 |
gentoo-dev@g.o mailing list |