[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Signing Packages.gz

On Mon, Apr 03, 2000 at 10:24:02AM +0200, Robert Bihlmeyer wrote:
> Nicolás Lichtmaier <nick@debian.org> writes:
> >  All packages can run things as root. Even the most simple game.
> Doing clandestine things in a install-script is harder than in a
> binary.

/usr/games/mygame --update-score-file-format

...with the malicious code in the game source itself seems pretty

Self-modifying postinsts are probably possible too, with some care.

aj, thinking like a criminal since 1978

Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
I don't speak for anyone save myself. GPG encrypted mail preferred.

 ``The thing is: trying to be too generic is EVIL. It's stupid, it 
        results in slower code, and it results in more bugs.''
                                        -- Linus Torvalds

Attachment: pgpCCMM3tLqYI.pgp
Description: PGP signature

Reply to: