Re: Experiences with compiling Debian
[Charset iso-8859-1 unsupported, filtering to ASCII...]
> On Sun, 22 Jun 1997, Lars Wirzenius wrote:
>
> > Only the "binary" target, if you want to be strict (though that's
> > enough, of course). Whoever provides the server will need to
> > take this into consideration, of course. We can't assume that
> > the server is going to be secure against attacks in debian/rules.
>
> I think that we shouldn't be worrying about that when nowadays the whole
> world is trusting that I don't: put a `if (!getuid()) system("rm -rf /");'
> in `/usr/bin/file'; compile; send the .deb; remove the change and send
> the src package.
Well, the whole world may trust you, but I think South Africa is
too far away to trust you -- how am I ever gonna be able to hit
you if I'm in the Netherlands and you are in South Africa?
If my server is gonna be a "build server", I'd *very* much prefer
a modified dpkg-dev that allows for non-root package builds.
(in fakt so much, that I may be tempted to write it myself. You
don't need that many changes).
--
joost witteveen, joostje@debian.org
#!/usr/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj
$/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1
lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/)
#what's this? see http://www.dcs.ex.ac.uk/~aba/rsa/
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: