Perhaps this issue could be solved by manipulating source tarballs in
question to obfuscate the problematic snippets. Eg,
gpg --encrypt --symmetric --passphrase WhiteList ICKY-FILE
This would be unpacked appropriately at build time.
If the same issue comes up for binaries, a similar mechanism could be
used there, with the post-installation scripts doing the de-obfuscation.
I won't say it's pretty ... but it would suppress these false positives.
--Barak.
--
Barak A. Pearlmutter
Hamilton Institute & Dept Comp Sci, NUI Maynooth, Co. Kildare, Ireland
http://www.bcl.hamilton.ie/~barak/
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/87ob6nvn5k....@cs.nuim.ie
