| 1 |
On Tuesday 09 September 2003 10:42 am, Alexander Gretencord wrote: |
| 2 |
> Making pkg_postinst sandboxed too would |
| 3 |
> be cool, prevents some lame things from happening because someone was |
| 4 |
> asleep when commiting an ebuild but thats it. It doesn't help against an |
| 5 |
> attacker. |
| 6 |
|
| 7 |
That would not be cool at all. pkg_postinst is *the* one place in the ebuild |
| 8 |
where we can do things that need to be done on the live filesystem or the |
| 9 |
machine at large. Sandboxing this would not be helpful. |
| 10 |
|
| 11 |
By the time the ebuild is being executed on your machine, it's already too |
| 12 |
late. If security is what you want, you need something that'll stop the code |
| 13 |
running in the first place. |
| 14 |
|
| 15 |
Best regards, |
| 16 |
Stu |
| 17 |
-- |
| 18 |
Stuart Herbert stuart@g.o |
| 19 |
Gentoo Developer http://www.gentoo.org/ |
| 20 |
Beta packages for download http://dev.gentoo.org/~stuart/packages/ |
| 21 |
Come and meet me in March 2004 http://www.phparch.com/cruise/ |
| 22 |
|
| 23 |
GnuGP key id# F9AFC57C available from http://pgp.mit.edu |
| 24 |
Key fingerprint = 31FB 50D4 1F88 E227 F319 C549 0C2F 80BA F9AF C57C |
| 25 |
-- |
Archives