[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Using buildds only (was: Results of the meeting...)

On 8/22/05, Adrian von Bidder <avbidder@fortytwo.ch> wrote:
> On Monday 22 August 2005 16.08, W. Borgert wrote:
> [...]
> > This is a really nice idea: A DD with a strange sense of humour
> > could
> [...]
> If we're starting to worry about what kind of damage a DD can do to the
> world by providing some bogus uploads, let's just not.   Any DD can cause
> code to be executed as root on a potentially very big number of machines
> world wide, source-only uploads or not, and there are many ways to
> obfuscate malicious code within a big, complex application.

With a (far) better privilege system you could avoid running most if
not all code as root, but that's another topic.

Reply to: