Re: Alternative plan for DDP

To: debian-doc@lists.debian.org
Subject: Re: Alternative plan for DDP
From: "Francesco P. Lovergine" <frankie@debian.org>
Date: Wed, 04 Feb 2004 11:04:34 +0100
Message-id: <[🔎] 20040204100433.GA8160@firewall.ba.issia.cnr.it>
Mail-followup-to: debian-doc@lists.debian.org
In-reply-to: <[🔎] 20040203214621.GA7003@aokiconsulting.com>
References: <[🔎] 20040203214621.GA7003@aokiconsulting.com>

On Tue, Feb 03, 2004 at 10:46:21PM +0100, Osamu Aoki wrote:
> joy's (I think) cron script to check out CVS 
>  Step 1: checkout from alioth.debian.org (source1)
>  Step 2: export from cvs.debian.org      (source2)
>  Step 3: copy source2 over source1 with cp -af
>  Build like he does now using Makefile in parent directory.
> 

Important hint: every script/makefile must use '-f Makefile' explicitly in 
make invocation to avoid the default name overriding by malicious
use of GNUmakefile. That's mandatory IMHO. Setting of MAKEFILES could
also be considered to avoid this kind of potential abuse.

The point is not considering alioth cvs more trustable than needed.
That's also my concern about having scripts cvs mantained on alioth,
of course.

-- 
Francesco P. Lovergine

Reply to:

Follow-Ups:
- maint-guide et other lost children
  - From: "Francesco P. Lovergine" <frankie@debian.org>
- Re: Alternative plan for DDP
  - From: Osamu Aoki <osamu@debian.org>

References:
- Alternative plan for DDP
  - From: Osamu Aoki <osamu@debian.org>

Prev by Date: Re: Alternative plan for DDP
Next by Date: Re: Alternative plan for DDP
Previous by thread: Re: Alternative plan for DDP
Next by thread: maint-guide et other lost children
Index(es):
- Date
- Thread