Tollef Fog Heen wrote:
> * Martin Uecker [...]
> | There was a thread "building packages with exact binary matches"
> | about it. Unfortunately, most people seem to think that this is not
> | worth it.
>
> I don't think that's unfortunate; I think it's a waste of resources
> better spent elsewhere.

If somebody hacks into a DD's machine, the obvious thing for an attacker to do is to trojan a Debian package. I wonder how long it would take to find out... Maybe it did already happen, who knows?

> | > I believe that postinsts need the flexibility shell (or perl or
> | > python or whatever) gives them. If you want to restrict postinsts
> | > to only be able to do a limited set of operations, the quality of
> | > packages will deteriorate quite a bit as they are no longer flexible
> | > enough to cater for all packages' needs.

In fact, I think the opposite would be the case: The quality of Debian would rise, because there would be the need to establish standard interfaces for all reasonable cases where packages have to mess with the system during installation.

Compare this with running Windows applications without system privileges. You could argue as above, that the quality of those programs will deteriorate, because applications are no longer flexible to cater for all applications' needs. So where is the difference?

Martin