Re: Building packages with exact binary matches
On Fri, 28 Sep 2007 23:04:00 +0200, Martin Uecker <muecker@gmx.de> said:
> There is some other thing I do not like about the way Debian packages
> work. Every package I install can actually completely compromise my
> system, because the maintainer scripts are run as root.
You can, of course, run a strict mode SELinux system, and see
that the apt_t security domain is sufficiently confined for your
tastes (you may have a local security policy that tightens down the
default project wide constraints, to the level you heart desires).
manoj
--
"...and it's finished! It only has to be written." Karl Lehenbauer
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/~srivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
Reply to: