
Re: new source format



On 17 Mar 1999, Kai Henningsen wrote:

> jmlb2@hermes.cam.ac.uk (Jules Bean)  wrote on 16.03.99 in <Pine.SOL.3.95q.990316124800.2674O-100000@red.csi.cam.ac.uk>:
> 
> > Is having a long Unpack-Commands header preferable to an unpack control
> > script?
> >
> > I would have thought the latter was more flexible.
> 
> That's *why* the header solution is preferable. Ian has always pointed  
> out (and I now think he's right) that we do not want arbitrary scripts  
> executed on unpacking the source. That's just too dangerous.
> 
> Of course, you could still put this in a separate file and _call_ that an  
> "unpack script", but the important thing is that it needs to have a  
> severely restricted syntax that does *not* allow calling arbitrary  
> commands.

(I confess to playing devil's advocate)

Why is it dangerous to allow arbitrary scripts to be executed?

We allow arbitrary scripts to be executed from debian/rules.  That's
pretty dangerous, isn't it?  I could slip an rm -fr ~ into a debian/rules
in a package I maintain.  Presumably, you trust me not to do that.

Jules
 
/----------------+-------------------------------+---------------------\
|  Jelibean aka  | jules@jellybean.co.uk         |  6 Evelyn Rd        |
|  Jules aka     | jules@debian.org              |  Richmond, Surrey   |
|  Julian Bean   | jmlb2@hermes.cam.ac.uk        |  TW9 2TF *UK*       |
+----------------+-------------------------------+---------------------+
|  War doesn't demonstrate who's right... just who's left.             |
|  When privacy is outlawed... only the outlaws have privacy.          |
\----------------------------------------------------------------------/

