Re: Using buildds only (was: Results of the meeting...)
On 8/22/05, Martin Pitt <firstname.lastname@example.org> wrote:
> Hi Olaf!
> > With a (far) better privilege system you could avoid running most if
> > not all code as root, but that's another topic.
> No, you can't. The naming (whether you call it root or whatever) is
> insignificant. You can't write down a set of rules that describe which
> actions are deemed "good" and "bad", and since packages do need fairly
For example, I think most/some packages don't require the privilege to
write to files owned by other packages.
> many privileges to install and change files in a system, and execute
> code (postinst, etc.), you can always screw up users' systems with a
> malicious package.
> That's why we mainly trust developers,
> not heuristics on the buildds.