Re: Building packages with exact binary matches
On Fri, 28 Sep 2007 23:04:00 +0200, Martin Uecker <firstname.lastname@example.org> said:
> There is some other thing I do not like about the way Debian packages
> work. Every package I install can actually completely compromise my
> system, because the maintainer scripts are run as root.
You can, of course, run a strict mode SELinux system, and see
that the apt_t security domain is sufficiently confined for your
tastes (you may have a local security policy that tightens down the
default project wide constraints, to the level you heart desires).
"...and it's finished! It only has to be written." Karl Lehenbauer
Manoj Srivastava <email@example.com> <http://www.debian.org/~srivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C