Re: Should debhelper's dh_md5sums and dh_makeshlibs use chown?

To: Jean Pierre LeJacq <jplejacq@quoininc.com>
Cc: debian-devel@lists.debian.org
Subject: Re: Should debhelper's dh_md5sums and dh_makeshlibs use chown?
From: Rob Browning <rlb@cs.utexas.edu>
Date: 25 Feb 1998 02:12:45 -0600
Message-id: <[🔎] 87btvwnlvm.fsf@nevermore.csres.utexas.edu>
In-reply-to: Jean Pierre LeJacq's message of "Tue, 24 Feb 1998 17:46:19 -0500 (EST)"
References: <[🔎] m0y7TAt-000b9GC@mail.quoininc.com>

Jean Pierre LeJacq <jplejacq@quoininc.com> writes:

> I believe super works as well but I don't believe that either super or
> fakeroot are safer.  I'm concerned that too much may be done in the
> binary target causing a poorly constructed package to possibly damage
> the builders system (I've done this to myself).  It seems that a
> reasonable policy should restrict super user access to only where its
> required.

Depends on what you mean by safer, but in some ways fakeroot is
*absolutely* safer.  With fakeroot, you're never actually root (as you
are with su or super), so you can't actually do something silly like
"rm -r /" during the build process.  Now you still could construct a
pacakge that did that in a script, but that's a whole different
problem.

-- 
Rob Browning <rlb@cs.utexas.edu>
PGP fingerprint = E8 0E 0D 04 F5 21 A0 94  53 2B 97 F5 D6 4E 39 30

--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

References:
- Re: Should debhelper's dh_md5sums and dh_makeshlibs use chown?
  - From: Jean Pierre LeJacq <jplejacq@quoininc.com>

Prev by Date: Re: Proposal: emacsen and add-on package handling
Next by Date: Re: Possible new name for "deity"
Previous by thread: Re: Should debhelper's dh_md5sums and dh_makeshlibs use chown?
Next by thread: Re: [ANNOUCEMENT] Kaffe: The future
Index(es):
- Date
- Thread