On Tue, 29 Apr 2014 11:35:26 +0800 Paul Wise <p...@debian.org> wrote:
> On Tue, Apr 29, 2014 at 8:07 AM, Marko Randjelovic wrote: > > > - security patches should be clearly marked as such in every *.patch > > file > > That sounds like a good idea, could you add it to the wiki page? I added this: "Debian policy should require that in every source package all security packages should be clearly marked as such in standard and easily parsable way with optional further references." > > > - easy create and run programs from chroot and alternate users > > Could you detail what you mean by this? It sounds like you want either > virtual machines or something like docker.io: > > https://packages.debian.org/sid/docker.io Cencerely, I never heard about Docker before, I didn't mean about VMs and I meant about chrooting. I was thinking about some kind of wizard: - create a chroot if doesn't already exist - create a launcher for your DE - create a shell script to run a program from terminal or a simple WM hint: chroot $CHROOT_PATH su - $USER -c "$command_with_args" > > > - apt-get should automaticaly check checksums > > That happens now, if you find an instance where it does not, please > file a severity serious bug report on apt with enough detail for the > maintainers to debug and fix it. > > https://www.debian.org/Bugs/Reporting > I didn't know it, does apt-get/aptitude/synaptic do complete checks? 1. verify Release file signature 2. verify checksums of repo files 3. verify checksums of individual .deb files I remmember some time ago I edited a file with hexedit (after apt-get downloaded it) and tried to install it with apt-get and it didn't complain. -- http://markorandjelovic.hopto.org One should not be afraid of humans. Well, I am not afraid of humans, but of what is inhuman in them. Ivo Andric, "Signs near the travel-road" -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140429122053.2c7a5...@eunet.rs
