Re: Bug#753704: ITP: amap -- Next-generation scanning tool for pentesters
On Mon, Jul 07, 2014 at 12:19:15AM +0200, Jakub Wilk wrote:
> * Adam Borowski <kilobyte@angband.pl>, 2014-07-06, 21:04:
> >I see some legitimate scenarios for a single package to have
> >something both in $X/bin and $X/sbin, but not really across
> >package boundaries.
>
> These are deliberate:
None of your examples break policy 10.1: they don't install something with a
different functionality, just wrappers and/or different implementation.
The abuse we're trying to prevent is putting totally different things under
the same basename, like amap the biology tool vs amap the network scanner.
> * safe-rm ships /usr/bin/rm;
> * molly-guard ships /usr/sbin/{halt,poweroff,reboot,shutdown}
These are wrappers which add some checks.
> * elvis-tiny ships /bin/vi (like other vi clones, it also installs
> an alternative for /usr/bin/vi)
This provides a lightweight implementation of same functionality for those
who use the obsolescent /usr split.
Another case would be colorgcc or ccache: they use PATH ordering (not
installed by default) to do their thing.
By the way, it would be nice to have a common scheme for installing wrappers
of this kind -- especially if /bin vs /usr/bin is going to go away.
> Would you call them “legitimate” or not?
I'd use the policy 10.1 test here: variants of same functionality are
legitimate, unrelated functionality is not.
--
Gnome 3, Windows 8, Slashdot Beta, now Firefox Ribbon^WAustralis. WTF is going
on with replacing usable interfaces with tabletized ones?
Reply to: