[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Building packages with exact binary matches

On Fri, 28 Sep 2007 23:04:00 +0200, Martin Uecker <muecker@gmx.de> said: 

> There is some other thing I do not like about the way Debian packages
> work. Every package I install can actually completely compromise my
> system, because the maintainer scripts are run as root.

        You can, of course, run a strict mode SELinux system, and see
 that the apt_t security domain is sufficiently confined for your
 tastes (you may have a local security policy that tightens down the
 default project wide constraints, to the level you heart desires).

"...and it's finished!  It only has to be written." Karl Lehenbauer
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/~srivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B  924B 21BA DABB BF24 424C

Reply to: