Re: Building packages with exact binary matches

To: Martin Uecker <muecker@gmx.de>
Cc: debian-devel@lists.debian.org
Subject: Re: Building packages with exact binary matches
From: Manoj Srivastava <srivasta@debian.org>
Date: Fri, 28 Sep 2007 21:18:12 -0500
Message-id: <[🔎] 87tzpekye3.fsf@anzu.internal.golden-gryphon.com>
In-reply-to: <[🔎] 20070928210400.GA4180@bluestein> (Martin Uecker's message of "Fri, 28 Sep 2007 23:04:00 +0200")
References: <[🔎] 20070925214917.GA11914@bluestein> <[🔎] 87zlzacobv.fsf@anzu.internal.golden-gryphon.com> <[🔎] 20070926004509.GA17653@bluestein> <[🔎] 87hclic829.fsf@anzu.internal.golden-gryphon.com> <[🔎] 20070926103151.GA8418@bluestein> <[🔎] 873ax0a7ra.fsf@anzu.internal.golden-gryphon.com> <[🔎] 20070927092847.GB12500@bluestein> <[🔎] 87abr77ki9.fsf@anzu.internal.golden-gryphon.com> <[🔎] 20070928093013.GA1032@bluestein> <[🔎] 20070928160559.GL9003@archimedes.ucr.edu> <[🔎] 20070928210400.GA4180@bluestein>

On Fri, 28 Sep 2007 23:04:00 +0200, Martin Uecker <muecker@gmx.de> said: 

> There is some other thing I do not like about the way Debian packages
> work. Every package I install can actually completely compromise my
> system, because the maintainer scripts are run as root.

        You can, of course, run a strict mode SELinux system, and see
 that the apt_t security domain is sufficiently confined for your
 tastes (you may have a local security policy that tightens down the
 default project wide constraints, to the level you heart desires).

        manoj
-- 
"...and it's finished!  It only has to be written." Karl Lehenbauer
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/~srivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Reply to:

Follow-Ups:
- Re: Building packages with exact binary matches
  - From: Martin Uecker <muecker@gmx.de>

References:
- Re: Building packages with exact binary matches
  - From: Martin Uecker <muecker@gmx.de>
- Re: Building packages with exact binary matches
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: Building packages with exact binary matches
  - From: Martin Uecker <muecker@gmx.de>
- Re: Building packages with exact binary matches
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: Building packages with exact binary matches
  - From: Martin Uecker <muecker@gmx.de>
- Re: Building packages with exact binary matches
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: Building packages with exact binary matches
  - From: Martin Uecker <muecker@gmx.de>
- Re: Building packages with exact binary matches
  - From: Manoj Srivastava <srivasta@debian.org>
- Re: Building packages with exact binary matches
  - From: Martin Uecker <muecker@gmx.de>
- Re: Building packages with exact binary matches
  - From: Don Armstrong <don@debian.org>
- Re: Building packages with exact binary matches
  - From: Martin Uecker <muecker@gmx.de>

Prev by Date: Bug#444485: ITP: python-pynxt -- Lego Mindstorms NXT Python interface
Next by Date: Re: How to detect if inside a buildd chroot
Previous by thread: Re: Building packages with exact binary matches
Next by thread: Re: Building packages with exact binary matches
Index(es):
- Date
- Thread