Proposal: Amendment for section 7.7 debian policy
Hi,
i would like to propose an addendum to section 7.7 of the Debian Policy:
| Build-Depends and Build-Depends-Indep must not depend directly or
| indirectly on packages which provide network services.
Rationale:
a) Packages with no secure default configuration may expose the building
machine. Also network facing services may expose the system to
security issues.
b) You can not relay on the assumption that init-scripts are not called
within a building chroot.
Improvments of the above text are welcome and reasons that proof me
wrong also.
--
Martin Zobel-Helas <zobel@debian.org> | Debian System Administrator
Debian & GNU/Linux Developer | Debian Listmaster
Public key http://zobel.ftbfs.de/5d64f870.asc - KeyID: 5D64 F870
GPG Fingerprint: 5DB3 1301 375A A50F 07E7 302F 493E FB8E 5D64 F870
Reply to: