[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Package maintainer script policy.

>>"Raul" == Raul Miller <rdm@test.legislate.com> writes:

 Raul> Manoj Srivastava <srivasta@datasync.com> wrote:
 Buddha> Should I report this as a bug?
 >> Umm, no. Why should this be a bug? If it handles all the ways
 >> it can be called, and seems to do the right thing, it can be anything
 >> executable at all. In other words, if it conforms to policy, it
 >> should be OK.

 Raul> I think it should be a wishlist bug.  This is a required package,
 Raul> and in a secure environment you'd like to be able to verify the
 Raul> dpkg scripts before running them (or perform the steps by hand).

	Nonsense. You are downloading a *BINARY* package. You are
 worried about a itty-bitty script, and blithely go about installing
 the binaries? What kind of a (pardon me) half-assed security measure
 is that? If you are that secure, you download the sources, and you
 look them over (in which case you look over the postinst exec as

	This is not a good enough reason for this to be even a
 wishlist bug.

 security issues are usually best left to experts
 The further the spiritual evolution of mankind advances, the more
 certain it seems to me that the path to genuine religiosity does not
 lie through the fear of life, and the fear of death, and blind faith,
 but through striving after rational knowledge. Albert Einstein
Manoj Srivastava  <srivasta@acm.org> <http://www.datasync.com/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05  CC 2D 27 12 1D F5 E8 6E

To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: