Re: Using buildds only (was: Results of the meeting...)

[Olaf van der Spek <olafvdspek@gmail.com>]

On 8/22/05, Martin Pitt <mpitt@debian.org> wrote:
> Hi Olaf!

Hi, ;->
 
> > With a (far) better privilege system you could avoid running most if
> > not all code as root, but that's another topic.
> 
> No, you can't. The naming (whether you call it root or whatever) is
> insignificant. You can't write down a set of rules that describe which
> actions are deemed "good" and "bad", and since packages do need fairly

Why not?
For example, I think most/some packages don't require the privilege to
write to files owned by other packages.

> many privileges to install and change files in a system, and execute
> code (postinst, etc.), you can always screw up user's systems with a
> malicious package.
> 
> That's why we mainly trust developers, 

I agree.

> not heuristics on the buildds.