On Tuesday 09 September 2003 10:42 am, Alexander Gretencord wrote:
> Making pkg_postinst sandboxed too would
> be cool, prevents some lame things from happening because someone was
> asleep when committing an ebuild but that's it. It doesn't help against an
> attacker.
|
That would not be cool at all. pkg_postinst is *the* one place in the ebuild
where we can do things that need to be done on the live filesystem or the
machine at large. Sandboxing this would not be helpful.

By the time the ebuild is being executed on your machine, it's already too
late. If security is what you want, you need something that'll stop the code
running in the first place.
|
Best regards,
Stu
--
Stuart Herbert stuart@g.o
Gentoo Developer http://www.gentoo.org/
Beta packages for download http://dev.gentoo.org/~stuart/packages/
Come and meet me in March 2004 http://www.phparch.com/cruise/

GnuPG key id# F9AFC57C available from http://pgp.mit.edu
Key fingerprint = 31FB 50D4 1F88 E227 F319 C549 0C2F 80BA F9AF C57C