Re: opposition against clamav-data in debian volatile

To: debian-devel@lists.debian.org
Subject: Re: opposition against clamav-data in debian volatile
From: Charles Plessy <plessy@debian.org>
Date: Wed, 23 Sep 2009 09:42:38 +0900
Message-id: <[🔎] 20090923004238.GA32378@kunpuu.plessy.org>
In-reply-to: <[🔎] f3c99a80909220513s4a42c585n8aa1755dbc232e6a@mail.gmail.com>
References: <[🔎] f3c99a80909220513s4a42c585n8aa1755dbc232e6a@mail.gmail.com>

Le Tue, Sep 22, 2009 at 02:13:38PM +0200, Javier Fernandez-Sanguino a écrit :
> 
> This really sounds like there is a "use case" for data-only "packages" that:
> 
> - do not include maintainer scripts (dpkg refuses to run them) or are
> only allowed a set of limited tasks (run in a restricted shell or with
> reduced privileges)
> 
> - are only allowed to write in a specific place on disk (such as
> /var/lib/<packagename>)
> 
> Wouldn't that reduce the problems surrounding clamav-data and other
> frequently-updated data packages?
> 
> <long-shot>Maybe that's something that could be taken on board by dpkg
> maintainers?</long-shot>

Hi Javier,

it is an interesting idea to define a set of criteria that data package must
follow, but I think it will be much easier for everybody to have this enforced
by a policy rather than by tools.

Have a nice day,

-- 
Charles Plessy
Debian Med packaging team,
http://www.debian.org/devel/debian-med
Tsurumi, Kanagawa, Japan

Reply to:

References:
- Re: opposition against clamav-data in debian volatile
  - From: Javier Fernandez-Sanguino <jfs@debian.org>

Prev by Date: Re: zendframework package with or without bin package
Next by Date: Re: zendframework package with or without bin package
Previous by thread: Re: opposition against clamav-data in debian volatile
Next by thread: Re: Packages that download/install unsecured files
Index(es):
- Date
- Thread