Re: ca-certificates symlinks out of /etc

To: debian developers <debian-devel@lists.debian.org>
Subject: Re: ca-certificates symlinks out of /etc
From: Gabor Gombas <gombasg@sztaki.hu>
Date: Thu, 2 Nov 2006 11:13:18 +0100
Message-id: <[🔎] 20061102101318.GH12653@boogie.lpds.sztaki.hu>
In-reply-to: <20061031181045.GA20364@piper.madduck.net>
References: <20061031181045.GA20364@piper.madduck.net>

On Tue, Oct 31, 2006 at 07:10:45PM +0100, martin f krafft wrote:

>   cat /etc/ssl/certs/cacert-class3.pem >> /etc/ssl/certs/cacert.pem
> 
> on systems that needed access to all of CACert's certificates.

Btw., mounting /usr read-only is a good way to prevent stupid bugs like
this. You can configure apt to re-mount it r/w when during package
install/removal so upgrade/install still works, and that catches 99% of
the cases you want to write under /usr. For the other 1% forcing you to
think and remount it manually is actually a good thing.

Gabor

-- 
     ---------------------------------------------------------
     MTA SZTAKI Computer and Automation Research Institute
                Hungarian Academy of Sciences
     ---------------------------------------------------------

Reply to:

Prev by Date: Re: Bug#395262: "Arch: all" package FTBFS due to test needing network access - RC?
Next by Date: Building in a directory named "something:something"
Previous by thread: Re: ca-certificates symlinks out of /etc
Next by thread: Re: ca-certificates symlinks out of /etc
Index(es):
- Date
- Thread