Re: ssl security desaster

Tollef Fog Heen wrote:
> * Martin Uecker
>
> | There was a thread "building packages with exact binary matches"
> | about it. Unfortunately, most people seem to think that this is not
> | worth it.
> I don't think that's unfortunate; I think it's a waste of resources
> better spent elsewhere.

If somebody hacks into a DD's machine, the obvious thing for an attacker 
to do is to trojan a Debian package. I wonder how long it would take 
to find out... Maybe it did already happen, who knows?

> | > I believe that postinsts need the flexibility shell (or perl or
> | > python or whatever) gives them.  If you want to restrict postinsts
> | > to only be able to do a limited set of operations, the quality of
> | > packages will deteriorate quite a bit as they are no longer flexible
> | > enough to cater for all packages' needs.

In fact, I think the opposite would be the case: The quality of Debian
would rise, because there would be the need to establish standard
interfaces for all reasonable cases where packages have to mess
with the system during installation. Compare this with running Windows
applications without system privileges. You could argue as above,
that the quality of those programs will deteriorate, because applications
are no longer flexible enough to cater for all applications' needs. So
where is the difference?


