Re: Should debhelper's dh_md5sums and dh_makeshlibs use chown?
Jean Pierre LeJacq <jplejacq@quoininc.com> writes:
> I believe super works as well but I don't believe that either super or
> fakeroot are safer. I'm concerned that too much may be done in the
> binary target causing a poorly constructed package to possibly damage
> the builders system (I've done this to myself). It seems that a
> reasonable policy should restrict super user access to only where its
> required.
Depends on what you mean by safer, but in some ways fakeroot is
*absolutely* safer. With fakeroot, you're never actually root (as you
are with su or super), so you can't actually do something silly like
"rm -r /" during the build process. Now you still could construct a
pacakge that did that in a script, but that's a whole different
problem.
--
Rob Browning <rlb@cs.utexas.edu>
PGP fingerprint = E8 0E 0D 04 F5 21 A0 94 53 2B 97 F5 D6 4E 39 30
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: